Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Nix

OCaml

Jupyter Notebook

Perl

Objective-C

Clojure

Kotlin

Dart

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

R

Erlang

C

Racket

C#

Rust

Perl

Scala

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇼🇫 Wallis and Futuna

🇳🇦 Namibia

🇮🇩 Indonesia

🇰🇪 Kenya

🇷🇼 Rwanda

🇧🇷 Brazil

🇷🇪 Réunion

🇪🇹 Ethiopia

All Countries Compare Countries

Ridter/acefile

Stars
270
Rank 151,323 (Top 3 %)
Language
Python
Created over 5 years ago
Updated over 1 year ago

Ridter/acefile

Ridter

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/

acefile

poc file of extracting-code-execution-from-winrar

check the file use command:

python acefile.py --headers 1.rar

When the 1.rar is unzipped, a file named demo2.txt will be released to dir c:\c2\demo123\.

Modification of acefile.py:

      if ace_crc16(buf) != hcrc:
            print("[+] right_hdr_crc : {} | struct {} ".format(hex(ace_crc16(buf)),struct.pack('<H', ace_crc16(buf))))
            print("[*] current_hdr_crc : {} | struct {}".format(hex(hcrc),struct.pack('<H', hcrc)))

output acefile right crc for change the rar file ~

thx for the author of acefile.py @droe

Intranet_Penetration_Tips

2018年初整理的一些内网渗透TIPS，后面更新的慢，所以整理出来希望跟小伙伴们一起更新维护~

noPac

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

CVE-2017-11882

CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882

Pentest

Exchange2domain

cve-2020-0688

CVE-2019-1040

CVE-2019-1040 with Exchange

Mailget

通过脉脉用户猜测企业邮箱

get_ip_by_ico

从shodan获取使用了相同favicon.ico的网站

CVE-2018-15982_EXP

exp of CVE-2018-15982

PySQLTools

Mssql利用工具

RTF_11882_0802

PoC for CVE-2018-0802 And CVE-2017-11882

owa_info

获取Exchange信息的小工具

RelayX

NTLM relay test.

CS_Chinese_support

Cobalt strike 修改支持回显中文。

MyJSRat

This is JSRat.ps1 in Python

AMSI_bypass

SharpAddDomainMachine

SharpAddDomainMachine

proxyshell_payload

proxyshell payload generate

cs_custom_404

Cobalt strike custom 404 page

GhostPotato

Just pick out the code we need.

pyForgeCert

pyForgeCert is a Python equivalent of the ForgeCert.

DomainHiding

external c2 use domainhiding.

hackredis

p12tool

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

MSSQL_CLR

MSSQL CLR for pentest.

CVE-2019-1040-dcpwn

CVE-2019-1040 with Kerberos delegation

WebDAV

Set Up WebDAV Server for Remote File Sharing and more

warp_proxy

cloudflare socks5 server

atexec-pro

Fileless atexec, no more need for port 445

tshtun

Py写的tsh的流量加解密过程。

xslt_poc

Execute codes From XSLT

mousejack_replay

Python_Codes

some python codes

Cortana

Some Cortana scripts

comment

gitTun

wooyun_public

乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

Ridter