一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景
注意:如想测试其他数据库软件PostgreSQL、Oracle,请使用相应的pg_sleep()、dbms_lock.sleep(),未测试,简单替换payload可能不好使,由此造成的漏测本人概不负责
测试demo可参考我的上一个仓库(https://github.com/ce-automne/OrderbyInjectionDemo)
Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.
Minecraft-Server-Scanner Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4 Installation and running i
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl
unblocker Burp Suite extension for encoding/decoding EVM calldata 0x00_prerequisites Burp Suite Java 8+ Python 2.7 0x01_installation clone this reposi
KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for
Usage python3 .\exchange-exp.py -------------------------------------------------------------------------------- |
Gitlab RCE - Remote Code Execution RCE for old gitlab version = 11.4.7 & 12.4.0-12.8.1 LFI for old gitlab versions 10.4 - 12.8.1 This is an exploit f
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
scan4log4j Python script that sends CVE-2021-44228 log4j payload requests to url list [VERY BETA] using Supply your url list to urls.txt Put your payl
Windows 95 Product Key Check Info: This is a python implementation of the windows 95 product key check. This was just a bit of fun and a massive 5 hou
CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth
Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ
Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
Strong-password-Generator-from-existing-password-using-python In this program, I generate the strong password from existing password without class usi
ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based
zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Known issues it will not work outside kali , i will update it
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
1 Nov 10, 2021
116 Jan 08, 2023
5 Nov 23, 2021
16 Aug 30, 2022
35 Oct 25, 2022
76 Nov 09, 2022
153 Nov 09, 2022
[email protected]">
388 Dec 27, 2022
5 Nov 09, 2022
11 Aug 07, 2022
17 Dec 11, 2022
22.1k Jan 02, 2023
1 Dec 28, 2021
23 Jul 05, 2022
4 Sep 24, 2021
130 Dec 15, 2022
1 Nov 15, 2021
6 Aug 18, 2022
867 Dec 22, 2022
1 Jan 10, 2022