Stars
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
A PHP7 extension that can hook most functions/classes and parts of opcodes
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP po…
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
awesome list of browser exploitation tutorials
linux-kernel-exploits Linux平台提权漏洞集合
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
绕过专业工具检测的Webshell研究文章和免杀的Webshell
分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform
Plug-in type web vulnerability scanner
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
QAQ Just study unserialize vulnerabilities in Java :)
Pre-Built Vulnerable Environments Based on Docker-Compose
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
The great impacket example scripts compiled for Windows
Impacket is a collection of Python classes for working with network protocols.
An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!
Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
A little tool to play with Windows security
a webshell resides in the memory of java web server
Collection of quality safety articles. Awesome articles.
ruadmin is a logon *Brute Force* tool, for windows privilege escalation, but also system management.