b1ngda0 Goto Github PK
Type: User
Type: User
A little tool to play with the Seclogon service
分享几个直接可用的内存马,记录一下学习过程中看过的文章
超详细的渗透测试思维导图
一款用于快速导出URL、Domain和IP的小工具
一款域渗透扫描工具,方便一键自动化、全方位的信息收集及扫描域提权漏洞。
Bildiğiniz üzere uzun zamandır MSSQL üzerine çalışmalar yapmaktayım. Bu yazımda uzun zamandır uğraştığım bir konuyu ele alacağım, MSSQL Rootkit. Bildiğiniz üzere şimdiye kadar MS-SQL için anlatılan post-exploitation işlemlerinin büyük çoğunluğu “xp_cmdshell” ve “sp_OACreate” stored procedure’lerini kullanarak anlatılır. Peki xp_cmdshell ve sp_OACreate stored procedure’lerinin olmadığı bir MSSQL sunucusunun “sa” hesabını ele geçirmişsek, o sisteme girmekten vaz mı geçeceğiz? Tabii ki vazgeçmememiz gerekiyor. Bu makale “sa” hesabının yakalandığı ve “xp_cmdshell”, “sp_OACreate”, “sp_OAMethod” vb. prosedürlerin hiç birinin çalışmadığı bir senaryo düşünülerek kaleme alınmıştır.
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 ...
OAExploit一款基于产品的一键扫描工具。
一些常用的Python脚本
Nim Socks5 library
Go语言练习,第一个小工具,nmaptools解析xml导出xlsx结果、进行web服务探测、进行socket数据探测等
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
My experiments in weaponizing Nim (https://nim-lang.org/)
A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
A list of freely available resources that can be used as a prerequisite before taking OSCE.
Handy Stored Password Decryption Techniques
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
powershell免杀混淆器,简单有效,VT全过。A simple and effective powershell obfuscaiton tool bypass Anti-Virus
some gadgets about windows process and ready to use :)
This program is designed to demonstrate various process injection techniques
一款用于自动切换ip的代理池服务,无需任何依赖,能快速运行。
C++ python bytecode disassembler and decompiler
Python - 100天从新手到大师
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.