r00t7oo2jm Goto Github PK
Type: User
Type: User
This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server
Msmap is a Memory WebShell Generator.
捕获攻击队0day 360tianqingRCE
羊了个羊助手,羊了个羊一键闯关,请勿将本项目的任何内容用于商业或非法目的,否则后果自负
Retrieve AD accounts description and search for password in it
This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome people. I really recommend checking them out: https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Korkos-AMSI-and-Bypass.pdf and https://rastamouse.me/memory-patching-amsi-bypass/
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
一个拦截 XSSI & 识别Web蜜罐的Chrome扩展
ApexLdr is a DLL Payload Loader written in C
免杀捆绑器,过主流杀软。A Bundler bypass anti-virus
Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
Official writeups for Business CTF 2024: The Vault Of Hope
对权限绕过自动化bypass的burpsuite插件
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
Proof of concepts scripts for vulnerabilities in CentOS Web Panel
CobaltStrike Malleable Profile
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证等
基于 OPSEC 的 CobaltStrike 后渗透自动化链
Zimbra RCE simple poc
CVE-2022-40684-RCE-POC Fortinet Vulnerability
Zimbra <9.0.0.p27 RCE
pocs & exploit for CVE-2023-24871 (rce + lpe)
The Poc for CVE-2024-20931
Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.
CVE-2024-21683 Post Auth RCE
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.