开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
翻译 - CVE-2021-40444 - 完全武器化的 Microsoft Office Word RCE 漏洞利用
CVE-2023-38831 winrar exploit generator
Repository for information about 0-days exploited in-the-wild.
翻译 - 存储库有关0天的信息,其中野外漏洞。
#IOS#iOS gamed exploit (fixed in 15.0.2)
翻译 - iOS 15 0 天漏洞利用
Modern Self-Modifying Cross-Platform Peer-to-Peer Botnet over TOR
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963
APT38 Tactic PoC for Stealing 0days from security professionals
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.