☆58Nov 28, 2023Updated 2 years ago
Alternatives and similar repositories for dragon-lab
Users that are interested in dragon-lab are comparing it to the libraries listed below
Sorting:
- 可以从公开仓库直接拖取镜像的一个小工具 方便直接解包审计代码☆13Feb 11, 2023Updated 3 years ago
- 一个基于DNS隧道的简单C2☆61Jul 19, 2022Updated 3 years ago
- 红队自动化打点神器!!! ARL使用代理池联动nuclei,xray并通过企业微信机器人告警。☆26Sep 29, 2024Updated last year
- ☆14Aug 4, 2021Updated 4 years ago
- 电子书籍-代码审计-域渗透(内网思路)-免杀-云安��全☆51May 10, 2024Updated last year
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 3 years ago
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- ☆309Feb 27, 2025Updated last year
- OpenFire 管理后台账号密码解密☆30Dec 15, 2020Updated 5 years ago
- 【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安☆989May 25, 2025Updated 9 months ago
- 快速筛选Enscan输出结果中的domain,让你在红蓝攻防中快人一步☆30Aug 13, 2025Updated 7 months ago
- 应对渗透中极限环境下命令回显 & 文件落地☆133Jul 1, 2022Updated 3 years ago
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- Cs-Sleep-Mask-Fiber☆18May 16, 2025Updated 10 months ago
- cve-2022-39197 poc☆74Sep 22, 2022Updated 3 years ago
- Hacking the Linux kernel☆15Jun 17, 2023Updated 2 years ago
- FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用☆1,189Jul 12, 2024Updated last year
- JDK CVE-2023-21939☆94Aug 26, 2023Updated 2 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆462Jan 12, 2025Updated last year
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- 攻击Java Web应用-[Java Web安全]☆15Dec 9, 2020Updated 5 years ago
- 备份下比赛附件☆22Jan 23, 2023Updated 3 years ago
- 哥斯拉webshell管理工具二次开发规避流量检测设备☆1,049Dec 2, 2025Updated 3 months ago
- PortBender修改为exe版本☆29Jul 24, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.☆631Nov 30, 2022Updated 3 years ago
- burpsuite插件-被动无感识别指纹-主动poc扫描☆29Sep 13, 2024Updated last year
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆277Jan 10, 2023Updated 3 years ago
- ☆525Sep 16, 2022Updated 3 years ago
- 一个可以全端口捕获流量的简易蜜罐 tcppc: A simple honeypot to capture TCP/TLS/UDP payloads on ALL ports.☆13Aug 3, 2022Updated 3 years ago
- 解析netsh抓取的etl文件来定位windows主机上存在ICMP通信的进程与文件的小工具☆31Apr 22, 2022Updated 3 years ago
- dotnet 反序列化学习笔记☆513Oct 19, 2023Updated 2 years ago
- The container escape challenge of Be A RWCTFer competition (https://be-a-rwctfer.realworldctf.com/)☆61Mar 20, 2025Updated last year
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆544Mar 6, 2025Updated last year
- ��【两万字原创】零基础学fastjson漏洞(提高篇),公众号:追梦信安☆211Dec 7, 2023Updated 2 years ago
- ☆60May 22, 2023Updated 2 years ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Sep 10, 2023Updated 2 years ago
- 本项目包含CobaltStrike密码爆破、伪造上线以及DDos功能。其中伪造上线支持常见魔改版CS。This project includes CobaltStrike password blasting, fake online and DDos functions. �…☆71Feb 28, 2025Updated last year