lay0us Goto Github PK

jjjjjjjjjjjjjs

爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应

jndiexp

JDNI在java高版本的利用工具

jndiexploit

对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改

jndiexploit-1

一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。

jndimonitor

一个LDAP请求监听器，摆脱dnslog平台

jojoloader

助力红队成员一键生成免杀木马，使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan

jpg-png-exploit-downloader-fud-cryter-malware-builder-cve-2022

We have collectively determined that these vulnerabilities are available to individuals other than the person(s) who discovered them. An unknowable number of people having access to these vulnerabilities makes this a critical issue for everyone using this software.About CVE CVE was launched in 1999 when most information security tools used their own databases with their own names for security vulnerabilities. At that time there was no significant variation among products and no easy way to determine when the different databases were referring to the same problem.Our Developers Our Developer team is highly experienced in various languages and can deliver quality software Exploit JPG fast & reliably. Efficiency is guaranteed.

js-forward

前端参数加密渗透测试通用解决方案

jsbypassav

jsinfo-scan

递归式寻找域名和api。

jsloader

js免杀shellcode，绕过杀毒添加自启

jsonp-poc

一个可以快速验证JSONP漏洞的小脚本

jsp-webshells

Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

jsphorse

JSPHorse Project Backup

jspspy.jsp

Jsp木马远程控制脚本（大马）

jsrpc

jsrpc,在浏览器开启一个ws和服务连接，以请求http接口的形式来和浏览器通信 ,浏览器端收到调用通信执行原先设置好的js代码并获得返回值。

jsshell

JSshell - JavaScript reverse/remote shell

js_dump_key

JS_dump_key

jud-scan

Red Team Tools 快速扫描端口，识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息。

jvmraspbypass

jvwa

java 代码审计学习靶场

jwt-hack

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

k8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

kali-scripts

Some usefull scripts for KaliLinux

killdefender

A small POC to make defender useless by removing its token privileges and lowering the token integrity

knowledge-base

Knowledge Base 慢雾安全团队知识库

krbrelayup

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

labyrinth

Come inside, and have a nice cup of tea.

lamda

⚡️ Android reverse engineering & automation framework | 史上最强安卓抓包/逆向/HOOK & 云手机/自动化辅助框架，你的工作从未如此简单快捷。

landray-oa-treexml-rce

蓝凌OA远程代码执行漏洞批量检查