一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
-
Updated
Aug 8, 2022 - Vue
#
poc
Here are 1,700 public repositories matching this topic...
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
Updated
Jul 16, 2022 - Java
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
database
apt
exploit
scanner
hacking
password
poc
brute-force
pentest
bypass
crack
privilege-escalation
0day
getshell
netscan
rar-mysql
-
Updated
Jul 28, 2022 - PowerShell
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
exploit
penetration-testing
poc
rce
csrf
cve
bypass
thinkphp
cobalt-strike
authentication-bypass
getshell
penetration-testing-poc
csrf-webshell
sql-poc
poc-exp
oa-getshell
cve-cms
php-bypass
sql-getshell
-
Updated
Jul 18, 2022 - PowerShell
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
security
collection
study
hacking
poc
infosec
ctf
pentest
markdown-article
writeup
blueteam
ics-security
security-tools
pentest-tool
redteam
linux-learning
post-penetration
-
Updated
Jul 28, 2022 - C++
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
drupal
exploit
nexus
tomcat
poc
vulnerability
webshell
exp
weblogic
getshell
cve-2020-1938
cve-2020-2551
cve-2020-2555
cve-2020-10199
cve-2020-10204
cve-2020-2883
cve-2020-11444
cve-2020-5902
cve-2020-14882
-
Updated
Apr 4, 2021 - Python
Gather and update all available and newest CVEs with their PoC.
security
exploit
hacking
penetration-testing
poc
vulnerability
infosec
pentesting
vulnerabilities
cve
software-security
red-team
security-tools
software-vulnerability
software-vulnerabilities
latest-cve
cve-poc
-
Updated
Aug 8, 2022 - HTML
大型内网渗透扫描器&Cobalt Strike,Ladon9.1.8内置160个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
security
tools
hack
exploit
scanner
hacking
password
poc
brute-force
pentest
portscan
security-scanner
exp
security-tools
ladon
ipscanner
getshell
netscan
-
Updated
Jul 28, 2022 - C#
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
-
Updated
Dec 7, 2020 - C
全新的漏洞测试框架,支持poc在线编辑、运行、批量测试。使用文档:
security
poc
vulnerability
cve
vulnerability-scanners
security-tools
penetration-testing-poc
pocassist
-
Updated
Jun 21, 2022 - Go
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
-
Updated
Jul 30, 2022 - Python
LadonGO 4.2 Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
exploit
scanner
detection
poc
brute-force
portscan
security-tools
ms17010
hacktools
smbscan
sshscan
mysqlscan
ftpscan
bannerscan
-
Updated
Jul 28, 2022 - Go
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
-
Updated
Jul 30, 2021 - Java
红队综合渗透框架
-
Updated
Jul 6, 2022 - Python
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
mysql
security
exploit
ftp
scanner
ipc
smb
oracle
hacking
password
subdomain
wmi
poc
mssql
pentest
crack
portscan
cobalt-strike
getshell
netscan
-
Updated
Dec 25, 2019 - Python
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
-
Updated
Feb 12, 2022 - C
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
-
Updated
Jun 17, 2022 - Java
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
security
exploit
log4j
hacking
cybersecurity
poc
pentesting
writeups
bugbounty
cve
pentest
payload
red-team
bugbounty-writeups
security-writeups
cve-2021-44228
bugbounttips
cve-2021-45046
cve-2021-45105
-
Updated
Jan 15, 2022 - Java
afrog 是一款性能卓越、快速稳定、PoC 可定制化的漏洞扫描工具 - A tool for finding vulnerabilities
-
Updated
Aug 5, 2022 - Go
Hacking Charles Web Debugging Proxy
-
Updated
Jan 23, 2020
security
exploit
log4j
cybersecurity
poc
pentesting
writeups
bugbounty
red-team
blue-team
security-writeups
cve-2021-44228
bugbounttips
-
Updated
Jul 14, 2022
-
Updated
Jul 5, 2022
Proofs-of-concept
-
Updated
Jul 27, 2022 - C++
Improve this page
Add a description, image, and links to the poc topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the poc topic, visit your repo's landing page and select "manage topics."