Redis 4.x/5.x RCE

一些实用的python脚本

Mapping the MITRE ATT&CK Matrix with Osquery

python3写的综合扫描工具，主要用来敏感文件探测(目录扫描与js泄露接口)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，弱口令探测，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。

dump mysql client password from memory

CMS和中间件指纹库

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Eternalblue-Doublepulsar without Metasploit or python

Remote Command Execution as SYSTEM on Windows IoT Core

Six Degrees of Domain Admin

Generator of malicious Ace files for WinRAR < 5.70 beta 1

Jenkins RCE PoC. From unauthenticated user to remote code execution - it's a hacker's dream! (Chaining CVE-2019-1003000, CVE-2018-1999002, and more)

PoC for CVE-2019-5736

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署、密码定向破解、社工库查询等功能。

A Python library for the Docker Engine API

CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!

The great impacket example scripts compiled for Windows

thinkphp v5.x 远程代码执行漏洞-POC集合

Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.

Automatic SSRF fuzzer and exploitation tool

CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

.NET debugger and assembly editor

exp of CVE-2018-15982

PowerShell Pass The Hash Utils

SvnExploit支持SVN源代码泄露全版本Dump源码

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be r…

poison and relay NTLM credentials