Light

ccqtv123 Goto Github PK

followers: 3.0 following: 41.0 repos: 152.0 gists: 0.0

Type: User

ccqtv123's Projects

penetration

渗透超全面的渗透资料💯 包含：0day，xss，sql注入，提权……

penetration_testing_case

用于记录分享一些有趣的案例

penetration_testing_poc

渗透测试有关的POC、EXP、脚本、提权、小工具等，欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

pentestdb

各种数据库的利用姿势

poc-exp

Web端POC-EXP 整理

poc-wiki

pochouse

POC&EXP仓库、hvv弹药库、Nday、1day

powershell_fisher

利用powershell收集用户浏览器中保存的密码，桌面办公文件，电脑硬件软件信息。发送到指定邮件

project

rebeyond-mode

修改版rebeyond

redisdirscan

此脚本用于测试 Rdies 未授权访问，在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下，进行WEB目录探测

redisexp

Redis 漏洞利用工具

rediswritefile

通过 Redis 主从写出无损文件

redteamer

红方人员作战执行手册

redteamnotes

红队笔记

redteamtools

记录自己编写、修改的部分工具

redteamvul

收集常用打点漏洞EXP，便于快速突破边界

redtool

日常积累的一些红队工具及自己写的脚本，更偏向于一些diy的好用的工具，并不是一些比较常用的msf/awvs/xray这种

rmi_inj_memshell

rmi打内存马工具，适用于目标用不了ldap的情况

ruoyi-all

若依后台定时任务一键利用

schtask_0x727

创建隐藏计划任务，权限维持，Bypass AV

sec-note

记录安全方面的笔记/工具/漏洞合集

sharpaduserip

提取DC日志，快速获取域用户对应IP地址

sharpbypassuac

C# tool for UAC bypasses

sharpsqltools

SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。

sharpxdecrypt

Xshell全版本密码恢复工具

shiroattack2

shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack

shiropaddingoracle

shiroscan

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

shiroscan2

基于BurpShiroPassiveScan修改增加了Xray回显链生成

1
2
3
4
5
6

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.