whwlsfb's repos on GitHub
Java · 1644 watchers
BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Java · 837 watchers
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Java · 202 watchers
SpringSpider
Spring Actuator端点的BurpSuite被动扫描插件。
Go · 48 watchers
pty_bind_shell
Pty bind shell for golang 一款基于SSH协议的远控程序
Python · 23 watchers
CVE-2021-22205
CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖,可在win平台使用
JavaScript · 12 watchers
BurpCrypto-JsLibrary
BurpCrypto officially confirms the supported JS library (BurpCrypto官方确认支持的JS库).
3 watchers
BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Python · 2 watchers
hscan
用于网站状况检测、通知的脚本。
1 watchers
CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
1 watchers
dnslog-2
dnslog dns / dns rebinding platform
Python · 1 watchers
F-Scrack
一款python编写的轻量级弱口令检测脚本,目前支持以下服务:FTP、MYSQL、MSSQL、MONGODB、REDIS、TELNET、ELASTICSEARCH、POSTGRESQL。
1 watchers
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
1 watchers
goby_poc
goby poc or exp,分享goby最新网络安全漏洞检测或利用代码
Python · 1 watchers
HLSpider
基于Scrapy的页面敏感词检测工具
Java · 1 watchers
jar-analyzer
Jar Analyzer - 一个JAR包分析工具,批量分析搜索,方法调用关系搜索,字符串搜索,Spring分析,CFG分析,JVM Stack Frame分析等众多功能
Java · 1 watchers
MemShellParty
一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率
Java · 1 watchers
onedev
Super Easy All-In-One DevOps Platform
Go · 1 watchers
revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
1 watchers
viewgen
Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
0 watchers
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
C# · 0 watchers
BiliBiliTool
.Net 5 编写的B站(哔哩哔哩)任务工具,通过GitHub Actions实现每日线上自动运行任务:每日自动登录、观看、分享、投币视频,获取每日任务的满额经验,轻松升级Level 6,实现自动领取大会员权益、月底自动为自己充电等功能。
PHP · 0 watchers
budget
Get a grip on your finances.
Go · 0 watchers
clash
A rule-based tunnel in Go.
0 watchers
EKAER-Dotnet-Client
Unofficial, platform independent .NET standard client for the hungarian EKAER API
HTML · 0 watchers
haha-translate
https://whwlsfb.github.io/haha-translate/
0 watchers
JustTrustMe
An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
0 watchers
linux
Linux kernel source tree
0 watchers
nas-tools
A fork of NAStool/nas-tools:2.9.1
C# · 0 watchers
NetCoreServer
Ultra fast and low latency asynchronous socket server & client C# .NET Core library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution
0 watchers
next-terminal
Next Terminal是使用Golang和React开发的一款HTML5的远程桌面网关,具有小巧、易安装、易使用、资源占用小的特点,支持RDP、SSH、VNC和Telnet协议的连接和管理。
0 watchers
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
0 watchers
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Python · 0 watchers
penelope
Penelope Shell Handler
PowerShell · 0 watchers
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Go · 0 watchers
prism
nof1.ai 复刻
TeX · 0 watchers
rootkit
Sample Rootkit for Linux
C++ · 0 watchers
ruadmin
ruadmin is a logon *Brute Force* tool, for windows privilege escalation, but also system management.
0 watchers
SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
0 watchers
SharpUp
SharpUp is a C# port of various PowerUp functionality.
0 watchers
sigma
Generic Signature Format for SIEM Systems
C# · 0 watchers
TcpLibrary
Deserialization tcp communication framework, C# version
0 watchers
TcpServerChannelRce
一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得
C# · 0 watchers
TiSocket
Deserialization tcp/udp communication framework, C# .net standard 2.0 version
0 watchers
twitter-scraper
Scrape the Twitter Frontend API without authentication.
0 watchers
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
0 watchers
Win10-Initial-Setup-Script
PowerShell script for automation of routine tasks done after fresh installations of Windows 10 / Server 2016 / Server 2019
0 watchers
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档