heyzm's Projects
FilterBased/ServletBased in memory shell for Tomcat and some other middlewares
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
A tool to dump the login password from the current linux user
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
百宝箱
X安蜜罐用的一些存在JSonp劫持的API
https://mochazz.github.io
域渗透工具
Proof of concept exploit script used to exploit the MS15-034 vulnerability in the Windows HTTP Protocol Stack (HTTP.sys)
MSSQL注入提权,bypass的一些总结
myscan 被动扫描
Authenticate against a MySQL server without knowing the cleartext password
MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具)
一款lcx在golang下的实现
新一代NAT内网穿透+shell+vnc工具
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
Nessus中文报告自动化脚本
半自动化将 Nessus 英文报告(csv格式)生成中文 excel ,中文漏洞库已有700多条常见漏洞,后续再进一步加上新漏洞自动翻译,实现全自动化
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
笔记
Community curated list of templates for the nuclei engine to find security vulnerabilities.
note
The program is designed to obfuscate the shellcode.
Mining parameters from dark corners of Web Archives
👍 Awesome password to hack
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
编程电子书下载,电子书下载,包括C,C#,Docker,Elasticsearch,Git,Hadoop,HeadFirst,Java,Javascript,jvm,Kafka,Linux,Maven,MongoDB,MyBatis,MySQL,Netty,Nginx,Python,RabbitMQ,Redis,Scala,Solr,Spark,Spring,SpringBoot,SpringCloud,TCPIP,Tomcat,Zookeeper,人工智能,大数据类,并发编程,数据库类,数据挖掘,新面试题,架构设计,算法系列,计算机类,设计模式,软件测试,重构优化,等更多分类
鹿不在侧,鲸不予游🐋