向日葵 RCE

Free and Open Source Reverse Engineering Platform powered by rizin

Cyber Security ALL-IN-ONE Platform

Cyber Security ALL-IN-ONE Platform

后渗透

内网域渗透小工具

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

CVE-2021-4034 1day

A powerful browser crawler for web vulnerability scanners

360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能

Log4Shell scanner for Burp Suite

CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.

白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

《黑客防线》、《安全参考》、《书安》安全杂志电子版以及陈小兵老哥的《安天365专题研究》

👻Impost3r -- A linux password thief

👻Impost3r -- A linux password thief

Fixes the log4j exploit from being sent to Minecraft clients.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Script for searching the extracted firmware file system for goodies!

前端参数加密渗透测试通用解决方案

解决web及移动端H5数据加密Burp调试问题

Firmware Analysis Tool

JFFS2 filesystem extraction tool