渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
☆28Jul 23, 2020Updated 5 years ago
Alternatives and similar repositories for Penetration_Testing_POC
Users that are interested in Penetration_Testing_POC are comparing it to the libraries listed below
Sorting:
- 漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任…☆173Nov 21, 2021Updated 4 years ago
- 各大漏洞文库合集☆757Oct 5, 2021Updated 4 years ago
- 针对finereportv10反序列化接口/webroot/decision/remote/design/channel进行无回显检测并提供Godzilla memshell注入功能(部分环境缺少依赖无法成功)☆24Oct 17, 2023Updated 2 years ago
- PwnWiki 数据库搜索命令行工具;该工具有点像 searchsploit 命令,只是搜索的不是 Exploit Database 而是 PwnWiki 条目☆79Jul 2, 2021Updated 4 years ago
- Cs-Sleep-Mask-Fiber☆18May 16, 2025Updated 9 months ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22May 31, 2024Updated last year
- Thinkphp 多语言自检工具☆14Dec 10, 2022Updated 3 years ago
- APT-GUID☆23Oct 23, 2020Updated 5 years ago
- phpstudy(2016/2018) backdoor rce☆47Oct 2, 2019Updated 6 years ago
- Apache Shiro payload AES解密☆28Mar 11, 2021Updated 4 years ago
- goby poc or exp,分享goby最新网络安全漏洞检测或利用代码☆633Jan 11, 2022Updated 4 years ago
- 红蓝对抗快速搭建基础设施平台☆36Dec 2, 2022Updated 3 years ago
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- ☆13Jan 15, 2025Updated last year
- 一个通用的web poc模版☆14May 26, 2023Updated 2 years ago
- Check VM/SandBox☆17Mar 23, 2023Updated 2 years ago
- AutoScan 有多个目标时,多线程调用xray+rad进行自动扫描☆87Jul 12, 2022Updated 3 years ago
- Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code☆21Feb 13, 2023Updated 3 years ago
- DiagTrack Eop (From Service Account to SYSTEM)☆24Jan 13, 2023Updated 3 years ago
- 非常简单的CVE-2023-0386's exp and analysis.Use c and sh.☆19Jun 28, 2023Updated 2 years ago
- 存储练习项目,目前有GetWeChatBOF☆19Jul 26, 2023Updated 2 years ago
- 基于Pocsuite3、goby编写的漏洞poc&exp存档☆881Apr 12, 2024Updated last year
- pe reflection tool, which confuses invoke and entry☆41Aug 29, 2022Updated 3 years ago
- subdomain scanner☆18Apr 14, 2023Updated 2 years ago
- automatic privilege escalation by pspy☆23Jan 19, 2022Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆69Feb 5, 2023Updated 3 years ago
- 2021hvv漏洞汇总☆678Apr 24, 2021Updated 4 years ago
- ☆46Jun 25, 2024Updated last year
- ☆18Aug 15, 2021Updated 4 years ago
- 结合反射调用、动态编译、BCEL、defineClass0,ScriptEngine、Expression等技术的一款免杀JSP Webshell生成工具☆19Dec 16, 2021Updated 4 years ago
- 提供一个Golang 的bypass AV 思路。☆78Jul 6, 2023Updated 2 years ago
- Bloodhound 数据解析工具☆22Jun 10, 2025Updated 8 months ago
- c/s网络准入平台☆20Nov 14, 2022Updated 3 years ago
- Goby POC 存档☆88Mar 10, 2022Updated 3 years ago
- Burpsuite插件:被动进行未授权访问或越权操作的扫描☆21Aug 28, 2021Updated 4 years ago
- 致远OA漏洞检测☆189Aug 2, 2023Updated 2 years ago
- 关于安全狗和云锁的自动化绕过脚本☆522Nov 15, 2021Updated 4 years ago
- 少而精的常用字典,积累各种场景实现字典进化,只追求更简单更有效,不建议star,但建议pr。☆141Jun 7, 2024Updated last year
- 2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~☆20Jan 21, 2022Updated 4 years ago