Kba Haxor KbaHaxor

一个高级web目录扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑

WebLogic wls9-async反序列化远程命令执行漏洞

WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm

viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

Bypass Facebook Certificate Pinning for Android

Automation for internal Windows Penetrationtest / AD-Security - Still much work to do

ES File Explorer Open Port Vulnerability

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Some scripts for penetration testing

eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far [FUD]

Nano is a family of PHP web shells which are code golfed for stealth.

OWASP Web Application Security Testing Checklist

CVE-2018-7600 - Drupal 7.x RCE

Windows / Linux Local Privilege Escalation Workshop

A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.

PowerShell oneliner to retrieve wdigest passwords from the memory

xsec-proxy-scanner是一款速度超快、小巧的代理扫描器

Frontpage and Sharepoint fingerprinting and attack tool.

A collection of pentest and development tips

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

A toolset to track and organize output of reconnaissance tools

Proof-of-Concept exploits for CVE-2017-11882

some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building

A Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, Baidu and others) by using proxies (socks4/5, http proxy) and with many different IP's, including asynchrono…

CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.