voidz0r |
ImageMagick 任意文件读的POC。漏洞存在于PNG的generator中。 |
https://github.com/voidz0r/CVE-2022-44268 |
https://github.com/voidz0r?tab=followers |
Security Engineer, Security Researcher and Developer. I love to break things and I get mad at the 3rd nested loop. |
Anywhere |
DHL Express |
29 |
0 |
4 |
0 |
0 |
Python,PHP,JavaScript,Rust |
0 |
0 |
tihmstar |
homepod越狱工具 |
https://github.com/tihmstar/homepwn#3d-print-version |
https://github.com/tihmstar?tab=followers |
My PGP Key fingerprint can be found in my Twitter bio: https://twitter.com/tihmstar |
None |
None |
85 |
0 |
15 |
0 |
0 |
OpenSCAD,C,Objective-C,C++ |
0 |
0 |
teambi0s |
bi0sCTF 2022 Offical source code && env && sol |
https://github.com/teambi0s/bi0sCTF/tree/main/2022 |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
C,Shell,Python,JavaScript,C++,HTML,CSS |
0 |
0 |
phplaber |
Yawf: 开源的 Web 漏洞自动化检测工具 |
https://github.com/phplaber/yawf |
https://github.com/phplaber?tab=followers |
Security researcher |
Nanjing, China |
None |
7 |
0 |
384 |
0 |
0 |
Python,Go,PHP |
0 |
0 |
o2sh |
一个可以显示Git仓库详细信息的工具,可以离线使用。 |
https://github.com/o2sh/onefetch |
https://github.com/o2sh?tab=followers |
|
None |
None |
15 |
0 |
1 |
0 |
0 |
Shell,Rust |
0 |
0 |
nikn0laty |
pdfkit命令执行漏洞CVE-2022-25765 Exp |
https://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765 |
https://github.com/nikn0laty?tab=followers |
|
None |
None |
1 |
0 |
0 |
0 |
0 |
Python |
0 |
0 |
nanabingies |
Dell dbutil_2_3.sys 驱动提权漏洞的exp |
https://github.com/nanabingies/CVE-2021-21551 |
https://github.com/nanabingies?tab=followers |
if you base your expectations on what you see, you blind yourself to the possibilities of what could be |
Accra, Ghana |
None |
21 |
0 |
21 |
0 |
0 |
Assembly,C++ |
0 |
0 |
mazen160 |
一个用于检测secrets的正则表达式集合,可以在各种文件中匹配secrets。 |
https://github.com/mazen160/secrets-patterns-db |
https://github.com/mazen160?tab=followers |
Cyber Security Engineer (Offensive Security) |
None |
None |
31 |
0 |
7 |
0 |
0 |
Python,Shell |
0 |
0 |
kurogai |
100 Red Team Projects for Pentesters and Network Managers |
https://github.com/kurogai/100-redteam-projects |
https://github.com/kurogai?tab=followers |
Web Developer and Penetration Tester (HackTheBox Competitive Player) |
Luanda / Angola |
None |
61 |
0 |
144 |
0 |
0 |
Python,JavaScript,Java |
0 |
0 |
kraken-ng |
模块化的、支持多语言的webshell |
https://github.com/kraken-ng/Kraken |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Python,C#,PHP |
0 |
0 |
horizon3ai |
Fortinet FortiNAC CVE-2022-39952的POC,未授权解压缩可导致任意文件写入,通过crontab实现RCE |
https://github.com/horizon3ai/CVE-2022-39952 |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Python |
0 |
0 |
googleprojectzero |
Fuzzilli新增了一个用于将js代码转换成Fuzzili IR的工具。 |
https://github.com/googleprojectzero/fuzzilli/commit/807625f0112df22bfe293aa4d36d67c31c4fb243 |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
C,C#,C++,Python,HTML,Swift,PowerShell |
0 |
0 |
dicegang |
DiceCTF 2023 Offical sourcecode && env && sol |
https://github.com/dicegang/dicectf-2023-challenges |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Python,C,HTML,JavaScript |
0 |
0 |
daem0nc0re |
用于研究windows进程执行技术的工具包 |
https://github.com/daem0nc0re/TangledWinExec/tree/main/ReflectiveDLLInjection |
https://github.com/daem0nc0re?tab=followers |
|
None |
None |
10 |
0 |
0 |
0 |
0 |
C#,Assembly |
0 |
0 |
cisagov |
一个可能可以恢复ESXiArgs勒索病毒的脚本。 |
https://github.com/cisagov/ESXiArgs-Recover |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Shell,HTML,Python,Open,JavaScript,TypeScript,TSQL,HCL |
0 |
0 |
blackorbird |
Picus出版的2023年版APT攻击报告 |
https://github.com/blackorbird/APT_REPORT/blob/master/summary/2023/RedReport2023-Picus.pdf |
https://github.com/blackorbird?tab=followers |
APT hunter threat analyst |
https://twitter.com/blackorbird |
https://twitter.com/blackorbird |
46 |
0 |
125 |
0 |
0 |
Python,C |
0 |
0 |
batteryshark |
利用 QEMU + GDB 帮助魔改,逆向和理解嵌入式系统内核 |
https://github.com/batteryshark/writeups/wiki/Go-to-Shell---Reverse-Engineering-Kernel-Modifications-with-QEMU-gdb |
https://github.com/batteryshark?tab=followers |
|
None |
None |
65 |
0 |
13 |
0 |
0 |
C#,C,C++ |
0 |
0 |
ashemery |
香普兰学院的逆向和二进制漏洞利用课程相关的配套练习 |
https://github.com/ashemery/exploitation-course/tree/master/labs |
https://github.com/ashemery?tab=followers |
[Between Teams of Red and Blue, Im with the Purple Team] |
USA |
https://www.cyber5w.com |
37 |
0 |
20 |
0 |
0 |
Python,Shell,PowerShell |
0 |
0 |
RF-CTI |
2022 SANS 网络威胁情报峰会资料 |
https://github.com/RF-CTI/SANS-summit/blob/master/01-2022%20SANS%20Cyber%20Threat%20Intelligence%20Summit/01-2022%20SANS%20Cyber%20Threat%20Intelligence%20Summit.md |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Python,SCSS,HTML |
0 |
0 |
LloydLabs |
使用NtQueueApcThreadEx向windows进程注入任意shellcode,可以用于bypass部分终端安全检测 |
https://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection |
https://github.com/LloydLabs?tab=followers |
🐶 |
London |
@CrowdStrike |
14 |
0 |
270 |
0 |
0 |
Go,C |
0 |
0 |
GuardianAudits |
GMX合约的审计报告 |
https://github.com/GuardianAudits/Audits/tree/main/GMX |
https://github.com/GuardianAudits?tab=followers |
|
None |
None |
5 |
0 |
0 |
0 |
0 |
JavaScript,Solidity |
0 |
0 |
DvorakDwarf |
该工具可以将任意文件以视频形式存储,将视频上传到视频网站进而使用其免费的云存储 |
https://github.com/DvorakDwarf/Infinite-Storage-Glitch |
https://github.com/DvorakDwarf?tab=followers |
Contact over discord, preferably. Discord: HistidineDwarf#8927 |
Nowhere |
Middle of |
13 |
0 |
26 |
0 |
0 |
Python,Shell,Rust |
0 |
0 |
Cyber-Buddy |
一个基于OWASP MASVS (Mobile Application Security Verification Standard) 的安卓应用安全检测工具。 |
https://github.com/Cyber-Buddy/APKHunt |
https://github.com/Cyber-Buddy?tab=followers |
|
None |
None |
1 |
0 |
1 |
0 |
0 |
Go |
0 |
0 |
ChromeDevTools |
Chrome Devtools的RFC,将允许用户本地覆写http reponse的header。 |
ChromeDevTools/rfcs#4 |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
TypeScript,JavaScript |
0 |
0 |
CMEPW |
一个如何绕过Antivirus的知识思维导图。 |
https://github.com/CMEPW/BypassAV |
None |
None |
None |
None |
0 |
0 |
0 |
0 |
0 |
Python,Go,C,TypeScript |
0 |
0 |
BKreisel |
CVE-2022-23935 的 Python Exp 。漏洞源自于 ExifTool ,一款开源软件,用于读取、写入和操作图像、音频、视频和 PDF 元数据,该漏洞错误地处理了 file 参数的检查,导致命令注入。 |
https://github.com/BKreisel/CVE-2022-23935 |
https://github.com/BKreisel?tab=followers |
|
Golden, Colorado |
None |
23 |
0 |
33 |
0 |
0 |
Python,C,Rust |
0 |
0 |
0xf4n9x |
GoAnywhere MFT反序列化漏洞(CVE-2023-0669)利用工具 |
https://github.com/0xf4n9x/CVE-2023-0669 |
https://github.com/0xf4n9x?tab=followers |
#InfoSec , #PenTest , #RedTeam , #SecResearch , #Student |
/dev/null |
None |
58 |
0 |
3100 |
0 |
0 |
Go,Python,Java |
0 |
0 |