kkilloas Goto Github PK
Name: hahaheihei
Type: User
Name: hahaheihei
Type: User
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
2021 hw
2021hvv漏洞汇总
一个 go后端的模板框架,有很多重复性的初始化代码。从这里开始,只需要专心写业务逻辑。
“冰蝎”动态二进制加密网站管理客户端
爆破字典
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
Tomcat-Ajp协议文件读取漏洞
CNVD-2020-10487/CVE-2020-1938,批量扫描工具
Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
The dict for weak passwd or pwd
Cowrie docker based on alpine
The docker-compose project with cowrie and mysql
docker remote api未授权访问的利用代码
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Pwn stuff.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
POC for GitLabs Authenticated RCE in version 11.4.7 community edition
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Linux privilege escalation auditing tool
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
LibSSH Authentication Bypass Exploit using RCE
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
PyShell makes interacting with web-based command injection less painful, emulating the feel of an interactive shell as much as possible.
安卓应用层抓包通杀脚本
Red Teaming Tactics and Techniques
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.