jaky5155 Goto Github PK

pe_to_shellcode

Converts PE into a shellcode

pentest-notes

《内网安全攻防-渗透测试实战指南》一些技术点概括

pentestnote

渗透测试☞经验/思路/想法/总结/笔记/面经. . .

phoenix-framework

Phoenix Framework Project

pikpikcu

platypus

:hammer: A modern multiple reverse shell sessions manager written in go

pocassist

全新的开源漏洞测试框架，实现poc在线编辑、运行、批量测试。使用文档：

poclist

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE

pocorexp_in_github

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

pocsploit

a lightweight, flexible and novel open source poc verification framework

postconfluence

哥斯拉Confluence后渗透插件 MakeToken SearchPage ListAllUser AddAdminUser ListAllPage ........

printix-cve-2022-25090

A "Creation of Temporary Files in Directory with Insecure Permissions" vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the Installer.

printspoofer

Abusing Impersonation Privileges on Windows 10 and Server 2019

probable_subdomains

Subdomains analysis and generation tool. Reveal the hidden!

proxy_pool

Proxy_Pool（代理资源池），一个小巧的代理ip抓取+评估+存储+展示的一体化的工具，包括了web展示和接口。

proxylogon

proxypool

自动抓取tg频道、订阅地址、公开互联网上的ss、ssr、vmess、trojan节点信息，聚合去重后提供节点列表

qiniuclient

云存储管理客户端。支持七牛云、腾讯云、青云、阿里云、又拍云、亚马逊S3、京东云，仿文件夹管理、图片预览、拖拽上传、文件夹上传、同步、批量导出URL等功能

qrljacking

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.

ratel

​ ratel(獾) 是由rust开发的红队信息搜集，扫描工具，支持从fofa，zoomeye API查询，主动扫描端口，提取https证书域名，自定义poc，输出xlsx格式。

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

redguard

RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.

redteam-tools

Tools and Techniques for Red Team / Penetration Testing

redteamer

红方人员作战执行手册

rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

scan_tw

scanmycode-ce

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report - Scanmycode Community Edition (CE)

scannn

一款红队辅助扫描工具，针对多端口多IP的端口扫描与特征分析程序

sd-webui-mov2mov

适用于Automatic1111/stable-diffusion-webui 的 Mov2mov 插件。

sec-admin

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)