boluoha

boluoha

43 followers · 54 following

Achievements

ultimaste-nuclei-templates Public
Forked from UltimateSec/ultimaste-nuclei-templates

极致攻防实验室 nuclei 检测 POC

Updated Jul 13, 2023
Library-POC Public
Forked from luck-ying/Library-POC

基于Pocsuite3、goby编写的漏洞poc&exp存档

Python Updated Jun 16, 2023
dict- Public

高质量字典

Updated May 7, 2023
0day-1 Public
Forked from helloexp/0day

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

C GNU General Public License v3.0 Updated Apr 19, 2023
ENScan_GO Public
Forked from wgpsec/ENScan_GO

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Go 1 Apache License 2.0 Updated Mar 21, 2023
postcat Public
Forked from Postcatlab/postcat

Postcat 是一个可扩展的 API 工具平台。集合基础的 API 管理和测试功能，并且可以通过插件简化你的 API 开发工作，让你可以更快更好地创建 API。

JavaScript Apache License 2.0 Updated Mar 9, 2023
f8x Public
Forked from ffffffff0x/f8x

红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

Shell Apache License 2.0 Updated Dec 19, 2022
MYExploit Public
Forked from achuna33/MYExploit

OAExploit一款基于产品的一键扫描工具。

Java Updated Sep 20, 2022
tig Public
Forked from wgpsec/tig

Threat Intelligence Gathering 威胁情报收集，旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。

Python Apache License 2.0 Updated Jul 5, 2022
RedTeam_BlueTeam_HW Public
Forked from Mr-xn/RedTeam_BlueTeam_HW

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Java 1 MIT License Updated Jun 22, 2022
All-Defense-Tool Public
Forked from guchangan1/All-Defense-Tool

本项目集成了全网优秀的攻防工具项目，包含自动化利用，子域名、敏感目录、端口等扫描，各大中间件，cms漏洞利用工具以及应急响应等资料。

Updated Jun 21, 2022
traitor Public
Forked from liamg/traitor

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Go MIT License Updated Jun 21, 2022
Pentest_Note Public
Forked from xiaoy-sec/Pentest_Note

渗透测试常规操作记录

1 Updated Apr 30, 2022
vulnerability-paper Public
Forked from jas502n/vulnerability-paper

收集的文章

Python Updated Apr 27, 2022
Spring4Shell-POC Public
Forked from reznok/Spring4Shell-POC

Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit

Python Updated Mar 31, 2022
0day Public
Forked from aaq1adqwe/dontfork

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新

C GNU General Public License v3.0 Updated Mar 30, 2022
Spring-Cloud-Function-Spel Public
Forked from tangxiaofeng7/Spring-Cloud-Function-Spel

Spring Cloud Function Spel命令执行漏洞

Java Updated Mar 27, 2022
APISandbox Public
Forked from API-Security/APISandbox

Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.

FreeMarker GNU General Public License v3.0 Updated Mar 10, 2022
gost Public
Forked from ginuerzh/gost

GO Simple Tunnel - a simple tunnel written in golang

Go MIT License Updated Feb 16, 2022
About-Attack Public
Forked from lintstar/About-Attack

一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集，降低红队技术门槛的手册【持续更新】

MIT License Updated Jan 7, 2022
JNDIExploit-1.2 Public
Forked from Mr-xn/JNDIExploit-1

一款用于 JNDI注入利用的工具，大量参考/引用了 Rogue JNDI 项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。（from https://github.com/feihong-cs/JNDIExploit）

Java Updated Dec 15, 2021
JNDI-Injection-Exploit1.0- Public
Forked from welk1n/JNDI-Injection-Exploit

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Java MIT License Updated Dec 14, 2021
SpringBootExploit Public
Forked from 0x727/SpringBootExploit

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Java Apache License 2.0 Updated Dec 13, 2021
fscan Public
Forked from shadow1ng/fscan

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Go MIT License Updated Oct 14, 2021
dismap Public
Forked from zhzyker/dismap

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Go Updated Aug 23, 2021
ARL-Finger-ADD Public
Forked from loecho-sec/ARL-Finger-ADD

灯塔（最新版）指纹添加脚本！

Python Updated Aug 12, 2021

5BDA
Middleware-Vulnerability-detection Public
Forked from KpLi0rn/Middleware-Vulnerability-detection

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Python 1 1 Updated Jul 26, 2021
redteam_vul Public
Forked from r0eXpeR/redteam_vul

红队作战中比较常遇到的一些重点系统漏洞整理。

Updated Jul 17, 2021
fuzzDicts Public
Forked from TheKingOfDuck/fuzzDicts

Web Pentesting Fuzz 字典,一个就够了。

Python Updated Jun 8, 2021
pocassist Public
Forked from jweny/pocassist

pocassist是一款全新的开源漏洞测试框架，无需代码知识也可实现对poc的在线编辑、管理、测试。使用之前请先阅读文档。

PLpgSQL Apache License 2.0 Updated May 28, 2021

boluoha

Achievements

Achievements

ultimaste-nuclei-templates Public

Uh oh!

Library-POC Public

Uh oh!

dict- Public

Uh oh!

0day-1 Public

Uh oh!

ENScan_GO Public

Uh oh!

postcat Public

Uh oh!

f8x Public

Uh oh!

MYExploit Public

Uh oh!

tig Public

Uh oh!

RedTeam_BlueTeam_HW Public

Uh oh!

All-Defense-Tool Public

Uh oh!

traitor Public

Uh oh!

Pentest_Note Public

Uh oh!

vulnerability-paper Public

Uh oh!

Spring4Shell-POC Public

Uh oh!

0day Public

Uh oh!

Spring-Cloud-Function-Spel Public

Uh oh!

APISandbox Public

Uh oh!

gost Public

Uh oh!

About-Attack Public

Uh oh!

JNDIExploit-1.2 Public

Uh oh!

JNDI-Injection-Exploit1.0- Public

Uh oh!

SpringBootExploit Public

Uh oh!

fscan Public

Uh oh!

dismap Public

Uh oh!

ARL-Finger-ADD Public

Uh oh!

Middleware-Vulnerability-detection Public

Uh oh!

redteam_vul Public

Uh oh!

fuzzDicts Public

Uh oh!

pocassist Public

Uh oh!