nansjcn Goto Github PK
Type: User
Type: User
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
整理的2019年厂商发布的漏洞预警公开POC集合,不足之处还希望多多补充,完善
403/401 Bypass Methods + Bash Automation + Your Support ;)
Apache-Log4j漏洞复现笔记
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
这是公开的thecryptoyou辅助脚本
Command2API - 万物皆可API
Analyze and reproduce attack events or vulnerabilities in the blockchain world.
Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)
CVE-2021-41773 CVE-2021-42013漏洞批量检测工具
CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更
Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作
Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947
Reproduce DeFi hack incidents using Foundry.
应急响应实战笔记,一个安全工程师的自我修养。
Fofa平台采集工具
Grafana 任意文件读取漏洞poc
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
致敬全宇宙最无敌的Java日志库!
Command line tool for dumping Jenkins credentials.
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
Java内存马注入工具
Knowledge Base 慢雾安全团队知识库
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Remote Code Injection In Log4j
BurpSuite Extension: Log4j RCE Scanner
Log4j2 RCE Passive Scanner plugin for BurpSuite
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.