lay0us Goto Github PK
Name: Lay0us
Type: User
Name: Lay0us
Type: User
爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应
JDNI在java高版本的利用工具
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
一个LDAP请求监听器,摆脱dnslog平台
助力红队成员一键生成免杀木马,使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan
We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software.About CVE CVE was launched in 1999 when most information security tools used their own databases with their own names for security vulnerabilities. At that time there was no significant variation among products and no easy way to determine when the different databases were referring to the same problem.Our Developers Our Developer team is highly experienced in various languages and can deliver quality software Exploit JPG fast & reliably. Efficiency is guaranteed.
前端参数加密渗透测试通用解决方案
递归式寻找域名和api。
js免杀shellcode,绕过杀毒添加自启
一个可以快速验证JSONP漏洞的小脚本
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
JSPHorse Project Backup
Jsp木马远程控制脚本(大马)
jsrpc,在浏览器开启一个ws和服务连接,以请求http接口的形式来和浏览器通信 ,浏览器端收到调用通信执行原先设置好的js代码并获得返回值。
JSshell - JavaScript reverse/remote shell
JS_dump_key
Red Team Tools 快速扫描端口,识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息。
java 代码审计学习靶场
🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Some usefull scripts for KaliLinux
A small POC to make defender useless by removing its token privileges and lowering the token integrity
Knowledge Base 慢雾安全团队知识库
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
Come inside, and have a nice cup of tea.
⚡️ Android reverse engineering & automation framework | 史上最强安卓抓包/逆向/HOOK & 云手机/自动化辅助框架,你的工作从未如此简单快捷。
蓝凌OA远程代码执行漏洞批量检查
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.