ygnight Goto Github PK
Type: User
Type: User
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
Apache shiro <= 1.2.4 rememberMe 反序列化漏洞利用工具
Loophole reappearance
CTF中任意文件读取的fuzz列表 (Arbitrary file read fuzz list in CTF)
爆破字典
BBT - Bug Bounty Tools
漏洞利用框架模块分享仓库
CNVD-2020-10487/CVE-2020-1938,批量扫描工具
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
fixed msf module for cve-2017-7269
weblogic CVE-2021-2109批量验证poc
各类字典的收集,各式各样的,持续更新中~
漏洞复现、批量脚本
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Fastjson姿势技巧集合
Here you can find mostly all disclosed h1 reports
使用JAVAFX图形化界面检测对HVV中常见的重点CMS系统和OA系统的已公开的漏洞进行验证。
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows提权漏洞合集)
统计以往泄露数据中的口令字段,按频率排序,生成一个包含1q2w3e4r zxcvbnm qwertyuiop等常见键盘组合的口令字典
Study Notes For Web Hacking / Web安全学习笔记
MarkdownPicPicker is a tool to upload a picture in clipboard to cloud and write a markdown format url of the picture to clipboard
Mysql Server端伪造-任意文件读取-CTF快速利用脚本
抽空写点poc和整理网上的部分poc
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.