伪造Myslq服务端,并利用Mysql逻辑漏洞来获取客户端的任意文件反击攻击者
☆363Apr 24, 2022Updated 3 years ago
Alternatives and similar repositories for MysqlT
Users that are interested in MysqlT are comparing it to the libraries listed below
Sorting:
- 通过 Redis 主从写出无损文件☆718May 25, 2020Updated 5 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆637Apr 4, 2021Updated 4 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆712May 10, 2021Updated 4 years ago
- Java RCE 回显测试代码☆1,015Oct 15, 2020Updated 5 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆204Feb 9, 2021Updated 5 years ago
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆499Feb 13, 2020Updated 6 years ago
- 对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecrypt…☆1,260Mar 16, 2022Updated 4 years ago
- 中国蚁剑后渗透框架☆941Jan 18, 2024Updated 2 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆757Dec 2, 2022Updated 3 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- Burp suite 分块传输辅助插件☆2,026Feb 23, 2022Updated 4 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 2 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Dec 29, 2021Updated 4 years ago
- 检测目标Mysql数据库是不是蜜罐☆127Feb 23, 2021Updated 5 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,405Jan 18, 2022Updated 4 years ago
- X安蜜罐用的一些存在JSonp劫持的API☆93May 28, 2021Updated 4 years ago
- 这是一个抓取浏览器密码的工具,后续会添加更多功能☆1,455May 21, 2022Updated 3 years ago
- JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本☆258Oct 29, 2021Updated 4 years ago
- sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆715Aug 3, 2021Updated 4 years ago
- fastjson不出网利用、c3p0☆256Jul 30, 2021Updated 4 years ago
- 免杀技术大杂烩---乱拳也打不死老师傅☆1,094Mar 29, 2021Updated 4 years ago
- Shiro反序列化回显利用、内存shell、检查 Burp插件☆217Sep 1, 2022Updated 3 years ago
- ☆295May 7, 2022Updated 3 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- 利用NTLM Hash读取Exchange邮件☆441Jan 7, 2025Updated last year
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,362Nov 18, 2021Updated 4 years ago
- ☆231Jan 3, 2022Updated 4 years ago
- 红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。☆366Jun 19, 2024Updated last year
- Windows 权限提升 BadPotato☆889May 10, 2020Updated 5 years ago
- 读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。☆221Sep 30, 2019Updated 6 years ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- Flask 内存马☆314Mar 26, 2021Updated 4 years ago
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,634Jun 16, 2024Updated last year
- 通过正则搜索、批量反编译特定Jar包中的class名称☆321Dec 9, 2021Updated 4 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆311Jun 17, 2022Updated 3 years ago
- 内网域渗透小工具☆733Apr 20, 2021Updated 4 years ago