Starred repositories
Hacking Windows through iTunes - Local Privilege Escalation 0-day
PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
i will upload all the books that helped me in learning in this repo
writeup on stealing roblox accounts with Solara
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
The best tools and resources for forensic analysis.
Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
Create tar/zip archives that try to exploit zipslip vulnerability.
Awesome-Cellular-Hacking
Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207
Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含
JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK
FunJni(JNITrace & hook ,So分析神器 )
一款Spring综合漏洞的利用工具,工具支持多个Spring相关漏洞的检测以及利用
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。