Stars
口令爆破字典,有键盘组合字典、拼音字典、字母与数字混合这三种类型
A native backdoor module for Microsoft IIS (Internet Information Services)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information colle…
Covenant is a collaborative .NET C2 framework for red teamers.
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…
Tomcat的文件包含及文件读取漏洞利用POC
CVE-2020-0688_EXP Auto trigger payload & encrypt method
一个基于VB.NET + IOCP模型开发的高效端口扫描工具,支持IP区间合并,端口区间合并,端口指纹深度探测
The most advanced free and open-source browser fingerprinting library
TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…
Default usernames and passwords for various systems (VoIP,IPMI,Oracle).
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
a webshell resides in the memory of java web server
Quasar Framework - Build high-performance VueJS user interfaces in record time