all-the-time Goto Github PK
Name: wholuwa
Type: User
Bio: wa-kaka
Name: wholuwa
Type: User
Bio: wa-kaka
常用渗透poc收集
📡PoC auto collect from GitHub.
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
Powershell攻击指南----黑客后渗透之道
PowerSploit - A PowerShell Post-Exploitation Framework
Prometheus Operator creates/configures/manages Prometheus clusters atop Kubernetes
Free web-application vulnerability and version scanner
CTF framework and exploit development library in python3 (pwntools and binjitsu fork)
A collection of open source and commercial tools that aid in red team operations.
信息收集
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
大安全各领域各公司各会议分享的PPT(此仓库仅作为储存仓库,浏览请通过https://feei.cn/security-resources)
Python port of ShadowsocksR
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。
Code for the tutorial series on creating Microservices with Golang
Shiro RememberMe 1.2.4 反序列化 漏洞
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
A simple Python CLI to spoof emails.
空间索引的各种实现
简单强大的多协议双向代理工具 A simple and powerful proxy
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Struts2全漏洞扫描利用工具
Web漏洞扫描工具XRAY的GUI启动器 (Web Vulnerability Scanner GUI Starter)
Tars is a highly performance rpc framework based on naming service using tars protocol and provides a semi-automatic operation platform.
It's a test repository
本项目曾冲到全球第一,干货集锦见本页面最底部,另完整精致的纸质版《编程之法:面试和算法心得》已在京东/当当上销售
对 The Hacker Playbook 3 的翻译。
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.