ddawxaf Goto Github PK
Type: User
Type: User
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
把msf生成的安卓远控附加进普通的app中,并进行加固隐藏特征。可以绕过常见的手机安全管家。
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Android
免杀框架
基于javafx UI界面实现的android apk自动化批量反编译工具。运行后直接将apk文件拖入程序内,即可完成对dex和res反编译操作。
高危漏洞利用工具
ARL(灯塔)批量添加指纹
赏金自动化工具
AV Evasion Craft Online 在线免杀平台
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
一个漏洞利用工具仓库
一个各类漏洞POC知识库
针对 Acunetix AWVS扫描器开发的批量扫描脚本,支持log4j漏洞、SpringShell、SQL注入、XSS、弱口令等专项,支持联动xray、burp、w13scan等被动批量
一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
一款使用rust开发的高性能正反向代理隧道工具,基于多路复用技术。
CDN
x64 ring0 Rootkit with Process Hiding and Privilege Escalation Capabilities
Cross platform interactive bind/reverse PTY shell
六大云存储,泄露利用检测工具
云资产管理工具 目前工具定位是云安全相关工具,目前是两个模块 云存储工具、云服务器工具, 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务器工具主要是针对ecs服务器的管理,查看、执行命令等等
CVE-2023-22515
Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入
CVE-2021-4034简单优化,以应对没有安装gcc和make的目标环境
CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”
Juniper Firewalls CVE-2023-36845 - RCE
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
Powerful and customizable vulnerability scanner based on VDSL, which can replace Nessus or Nuclei, etc. 万象通用漏洞扫描器,支持强大的PoC脚本语言、先进易用的PoC开发和调试IDE、现代化无需等待OOB服务器。可替代Nessus和Nuclei等漏洞扫描产品。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.