This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...
翻译 - 该存储库主要由Omar Santos维护,并包含与道德黑客/渗透测试,数字取证和事件响应(DFIR),漏洞研究,漏洞利用开发,逆向工程等相关的数千种资源。
Exploitation Framework for Embedded Devices
翻译 - 嵌入式设备的开发框架
该仓库提供了精选的 Nuclei 模板。Nuclei 是一个基于YAML模板,自定义的漏洞扫描工具。
📦 Make security testing of K8s, Docker, and Containerd easier.
翻译 - CDK是一个开放源代码的容器渗透工具包,可在不依赖任何操作系统的情况下,在不同的瘦容器中进行稳定利用。它带有有用的网络工具,许多强大的PoC / EXP可帮助您轻松逃脱容器并接管K8s集群。
🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
翻译 - 🌴Windows内核提权漏洞合集,附编译环境、演示GIF图、漏洞详情、可执行文件(Windows提权漏洞合集) http://kernelhub.ascotbe.com/
#夺旗赛 (CTF) 和网络安全资源# A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
翻译 - 处理Herpaderping概念,工具和技术深入证明。流程Herpaderping通过模糊流程的意图来绕过安全产品。
Advisories, proof of concept files and exploits that have been made public by @pedrib.
翻译 - This repository contains my advisories, proof of concept files and exploits that I have made public.
Repository for information about 0-days exploited in-the-wild.
翻译 - 存储库有关0天的信息,其中野外漏洞。
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11
翻译 - 利用允许您在 Windows 10 和 11 上以非管理员身份读取注册表配置单元
This is a monorepo including codes from grey hat c# by no starch and some of my own research with it.
翻译 - 这是一个 monorepo,包括来自没有淀粉的灰色帽子 c# 的代码以及我自己的一些研究。