一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
-
Updated
Mar 10, 2022 - Vue
#
poc
Here are 1,531 public repositories matching this topic...
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
Updated
Mar 9, 2022 - Java
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
database
apt
exploit
scanner
hacking
password
poc
brute-force
pentest
bypass
crack
privilege-escalation
0day
getshell
netscan
rar-mysql
-
Updated
Oct 30, 2021 - PowerShell
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
exploit
penetration-testing
poc
rce
csrf
cve
bypass
thinkphp
cobalt-strike
authentication-bypass
getshell
penetration-testing-poc
csrf-webshell
sql-poc
poc-exp
oa-getshell
cve-cms
php-bypass
sql-getshell
-
Updated
Mar 13, 2022 - PowerShell
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
drupal
exploit
nexus
tomcat
poc
vulnerability
webshell
exp
weblogic
getshell
cve-2020-1938
cve-2020-2551
cve-2020-2555
cve-2020-10199
cve-2020-10204
cve-2020-2883
cve-2020-11444
cve-2020-5902
cve-2020-14882
-
Updated
Apr 4, 2021 - Python
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
security
tools
hack
exploit
scanner
hacking
password
poc
brute-force
pentest
portscan
security-scanner
exp
security-tools
ladon
ipscanner
getshell
netscan
-
Updated
Mar 2, 2022 - C#
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
security
collection
study
hacking
poc
infosec
ctf
pentest
markdown-article
writeup
blueteam
ics-security
security-tools
pentest-tool
redteam
linux-learning
post-penetration
-
Updated
Feb 22, 2022 - C++
Gather and update all available and newest CVEs with their PoC.
security
exploit
hacking
penetration-testing
poc
vulnerability
infosec
pentesting
vulnerabilities
cve
software-security
red-team
security-tools
software-vulnerability
software-vulnerabilities
latest-cve
cve-poc
-
Updated
Mar 12, 2022
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
-
Updated
Dec 7, 2020 - C
全新的开源漏洞测试框架,实现poc在线编辑、运行、批量测试。使用文档:
security
poc
vulnerability
cve
vulnerability-scanners
security-tools
penetration-testing-poc
pocassist
-
Updated
Dec 7, 2021 - Go
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
-
Updated
Jul 30, 2021 - Java
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
mysql
security
exploit
ftp
scanner
ipc
smb
oracle
hacking
password
subdomain
wmi
poc
mssql
pentest
crack
portscan
cobalt-strike
getshell
netscan
-
Updated
Dec 25, 2019 - Python
红队综合渗透框架
-
Updated
Dec 13, 2021 - Python
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
-
Updated
Feb 12, 2022 - C
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
exploit
scanner
detection
poc
brute-force
portscan
security-tools
ms17010
hacktools
smbscan
sshscan
mysqlscan
ftpscan
bannerscan
-
Updated
Jul 27, 2021 - Go
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
-
Updated
Mar 6, 2020 - Java
Hacking Charles Web Debugging Proxy
-
Updated
Jan 23, 2020
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
security
exploit
log4j
hacking
cybersecurity
poc
pentesting
writeups
bugbounty
cve
pentest
payload
red-team
bugbounty-writeups
security-writeups
cve-2021-44228
bugbounttips
cve-2021-45046
cve-2021-45105
-
Updated
Jan 15, 2022 - Java
security
exploit
log4j
cybersecurity
poc
pentesting
writeups
bugbounty
red-team
blue-team
security-writeups
cve-2021-44228
bugbounttips
-
Updated
Jan 15, 2022
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
poc
vulnerability
vulnerability-databases
exploitation-framework
vulnerability-scanners
security-tools
vulnerability-scanning
vulnerability-database-entry
webscanner
scanner-web
webscan
vulscan
pocscanner
pocscan
exploit-databa
sesecurity-vulnerability
-
Updated
May 10, 2019 - Python
Proofs-of-concept
-
Updated
Feb 23, 2022 - C#
Improve this page
Add a description, image, and links to the poc topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the poc topic, visit your repo's landing page and select "manage topics."