deedarrick Goto Github PK
Type: User
Bio: 微信公众号:网络空间信息安全学习
Type: User
Bio: 微信公众号:网络空间信息安全学习
最全的pandownload历史版本备份
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
A collection of PHP backdoors. For educational or testing purposes only.
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
My musings with PowerShell
PowerSploit - A PowerShell Post-Exploitation Framework
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Dump various types of Windows credentials without injecting in any process.
记录自己编写、修改的部分工具
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种
:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁(我已经看到了,撤回也没用了)
《黑客防线》、《安全参考》、《书安》安全杂志电子版以及陈小兵老哥的《安天365专题研究》
Secure delete files with right click. GUI for Sysinternals SDelete tool
2019年软考-信息安全工程师笔记整理(可不可以小小的求一个star)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)
天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端,支持跨平台运行,目前基于JDK1.8开发,运行必须安装JDK或JRE 1.8,注意不能是open jdk,只能是oracle的jdk。 天蝎权限管理工具基于冰蝎加密流量进行WebShell通信管理的原理,目前实现了jsp、aspx、php、asp端的常用操作功能,在原基础上,优化了大文件上传下载、Socket代理的问题,修改了部分API接口代码。
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库;支持手动灵活的进行SQL注入绕过,可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。
Telegram Desktop messaging app
message api for telegram bot 可供多人发送消息的 telegram 机器人 api , 类似server酱的开源实现
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Traccar GPS Tracking System
:electric_plug:Translation plugin for JetBrains IDEs/Android Studio
📖 Uncle小说,PC版,一个全网小说下载器及阅读器,目录解析与书源结合,支持有声小说与文本小说,可下载mobi、epub、txt格式文本小说。
Unlock encrypted music file in browser. 在浏览器中解锁加密的音乐文件。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.