ccqtv123 Goto Github PK
Type: User
Type: User
渗透 超全面的渗透资料💯 包含:0day,xss,sql注入,提权……
用于记录分享一些有趣的案例
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
各种数据库的利用姿势
Web端POC-EXP 整理
POC&EXP仓库、hvv弹药库、Nday、1day
利用powershell收集用户浏览器中保存的密码,桌面办公文件,电脑硬件软件信息。发送到指定邮件
修改版rebeyond
此脚本用于测试 Rdies 未授权访问,在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下,进行WEB目录探测
Redis 漏洞利用工具
通过 Redis 主从写出无损文件
红方人员作战执行手册
红队笔记
记录自己编写、修改的部分工具
收集常用打点漏洞EXP,便于快速突破边界
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种
rmi打内存马工具,适用于目标用不了ldap的情况
若依后台定时任务一键利用
创建隐藏计划任务,权限维持,Bypass AV
记录安全方面的笔记/工具/漏洞合集
提取DC日志,快速获取域用户对应IP地址
C# tool for UAC bypasses
SharpSQLTools 和@Rcoil一起写的小工具,可上传下载文件,xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
Xshell全版本密码恢复工具
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)
基于BurpShiroPassiveScan修改增加了Xray回显链生成
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.