Z1ng3r22z
Follow
Stars
内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破(SSH、SMB、MsSQL等)、Socks代理,一键自动化+无文件落地扫描
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
4个 .soap 版本的WebShell(持续更新维护),优点:可以运行于子目录,突破了过去只能运行于根目录的限制。4个脚本分别支持调用cmd.exe/哥斯拉/冰蝎/天蝎 客户端。
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
Ridter / sshimpanzee
Forked from lexfo/sshimpanzeeA reverse shell based on sshd supporting DNS and ICMP Tunnelling as well as HTTP and Socks Proxies
一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
The cheat sheet about Java Deserialization vulnerabilities
内存马Demo合集 memshell demo for java / php / python
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
搜集了市面上绝大部分weblogic解密方式,整理了7种解密weblogic的方法及响应工具。
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).