git0hub1
Follow
-
SecLists Public
Forked from danielmiessler/SecListsSecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
PHP MIT License UpdatedSep 25, 2024 -
sundeskQ Public
Forked from milu001/sundeskQ向日葵密码提取、todesk密码提取,ID、临时密码,安全密码读取工具
UpdatedSep 12, 2024 -
-
info_scan Public
Forked from huan-cdm/info_scan自动化漏洞扫描系统,包括IP基础信息探测模块(位置、属性、操作系统、端口、绑定的域名、公司名称、公司位置信息、网站标题、CDN信息、绑定网站指纹、子域名),漏洞扫描模块,(weblogic、struts2、nuclei、xray、rad、目录扫描、js链接扫描、端口扫描、调用威胁情报抓取历史绑定url、网站指纹、信息泄露、vulmap、afrog、fscan、DNS日志、shiro、spri…
Python UpdatedJul 21, 2024 -
secure_tools_link Public
Forked from huan-cdm/secure_tools_link网络安全相关工具和文章链接总结
UpdatedJul 18, 2024 -
-
endpoints_explore-actuator Public
Forked from wzqs/endpoints_exploreEndpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints
Python MIT License UpdatedMay 26, 2024 -
xzbot Public
Forked from amlweems/xzbotnotes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
Go UpdatedApr 3, 2024 -
cbrutekrag-ssh Public
Forked from matricali/cbrutekragPenetration tests on SSH servers using brute force or dictionary attacks. Written in C.
C MIT License UpdatedApr 1, 2024 -
CVE-2024-23897-jenkins Public
Forked from wjlin0/CVE-2024-23897CVE-2024-23897 - Jenkins 任意文件读取 利用工具
Go MIT License UpdatedMar 16, 2024 -
JNDI-Injection-Exploit-Plus Public
Forked from cckuailong/JNDI-Injection-Exploit-Plus80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
Java MIT License UpdatedMar 8, 2024 -
-
JenkinsExploitGUI Public
Forked from charonlight/JenkinsExploitGUIJenkins CLI 任意文件读取漏洞检查工具
UpdatedFeb 2, 2024 -
VcenterKiller Public
Forked from Schira4396/VcenterKiller一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
Go Apache License 2.0 UpdatedFeb 1, 2024 -
-
Hysteria2-ssr Public
Forked from missuo/Hysteria2Hysteria 2 One-Click Installation Script
Shell MIT License UpdatedFeb 1, 2024 -
spring-amqp-deserialization Public
Forked from X1r0z/spring-amqp-deserializationPoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)
Java UpdatedJan 29, 2024 -
CVE-2024-23897 Public
Forked from 3yujw7njai/CVE-2024-23897CVE-2024-23897 jenkins-cli
UpdatedJan 27, 2024 -
JavSP Public
Forked from Yuukiy/JavSP汇总多站点数据的AV元数据刮削器
Python GNU General Public License v3.0 UpdatedJan 22, 2024 -
Movie_Data_Capture Public
Forked from mvdctop/Movie_Data_CaptureLocal Movies Organizer
Python GNU General Public License v3.0 UpdatedJan 22, 2024 -
NacosExploitGUI Public
Forked from charonlight/NacosExploitGUINacos漏洞综合利用GUI工具,集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用
Java UpdatedJan 14, 2024 -
-
LadonGo Public
Forked from k8gege/LadonGoLadon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/Htt…
Go MIT License UpdatedDec 15, 2023 -
cloudtoolkit Public
Forked from 404tk/cloudtoolkitCloud Penetration Testing Toolkit
Go MIT License UpdatedDec 5, 2023 -
CVE-2023-4357-Chrome-XXE Public
Forked from xcanwin/CVE-2023-4357-Chrome-XXE全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.
UpdatedNov 21, 2023 -
-
Vuln-List Public
Forked from wwl012345/Vuln-List(持续更新)对网上出现的各种OA、中间件、CMS等漏洞进行整理,主要包括漏洞介绍、漏洞影响版本以及漏洞POC/EXP等,并且会持续更新。
UpdatedNov 2, 2023 -
SBSCAN Public
Forked from sule01u/SBSCANSBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行spring boot敏感信息扫描以及进行spring相关漏洞的扫描与验证。
Python MIT License UpdatedOct 27, 2023 -
-
blackjump Public
Forked from tarihub/blackjumpJumpServer 堡垒机未授权综合漏洞利用, CVE-2023-42442 / CVE-2023-42820 Exploit
Python MIT License UpdatedOct 15, 2023