admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-06-21 10:21:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

add 浅谈Windows环境下的命令混淆

Browse Source
This commit is contained in:
Mrxn 2021-12-28 22:23:59 +08:00
parent ca80adbd28
commit b237b637ef
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -541,8 +541,8 @@
- [FrameScan-GUI 一款python3和Pyqt编写的具有图形化界面的cms漏洞检测框架](https://github.com/qianxiao996/FrameScan-GUI)
- [SRC资产信息聚合网站](https://github.com/cckuailong/InformationGather)
- [Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测](https://github.com/rabbitmask/SB-Actuator)
- [JNDI 注入利用工具【Fastjson、Jackson 等相关漏洞】](https://github.com/JosephTribbianni/JNDI)|[JNDIExploit](https://github.com/0x727/JNDIExploit)|[JNDIExploit](https://github.com/feihong-cs/JNDIExploit)|[JNDI-Exploit-Kit](https://github.com/pimps/JNDI-Exploit-Kit)|[JNDIScan无须借助dnslog且完全无害的JNDI反连检测工具解析RMI和LDAP协议实现可用于甲方内网自查](https://github.com/EmYiQing/JNDIScan)
- [fastjson_rec_exploit-fastjson一键命令执行python版本](https://github.com/mrknow001/fastjson_rec_exploit)
- [JNDI 注入利用工具【Fastjson、Jackson 等相关漏洞】](https://github.com/JosephTribbianni/JNDI)|[JNDIExploit](https://github.com/0x727/JNDIExploit)|[JNDIExploit](https://github.com/feihong-cs/JNDIExploit)|[JNDI-Exploit-Kit](https://github.com/pimps/JNDI-Exploit-Kit)|[JNDIScan无须借助dnslog且完全无害的JNDI反连检测工具解析RMI和LDAP协议实现可用于甲方内网自查](https://github.com/EmYiQing/JNDIScan)|[JNDI-Inject-Exploit解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入支持JNDI注入高版本JDK Bypass命令回显、内存马注入](https://github.com/exp1orer/JNDI-Inject-Exploit)
- [fastjson_rec_exploit-fastjson一键命令执行python版本](https://github.com/mrknow001/fastjson_rec_exploit)|[FastjsonExploitfastjson漏洞快速利用框架](https://github.com/c0ny1/FastjsonExploit)|[fastjsonScanfastjson漏洞burp插件](https://github.com/zilong3033/fastjsonScan)
- [各种反弹shell的语句集合页面](https://krober.biz/misc/reverse_shell.php)
- [解密weblogic AES或DES加密方法](https://github.com/Ch1ngg/WebLogicPasswordDecryptorUi)
- [使用 sshLooterC 抓取 SSH 密码](https://github.com/mthbernardes/sshLooterC)|[相关文章](https://www.ch1ng.com/blog/208.html)|[本地版本](./books/使用sshLooterC抓取SSH密码.pdf)
@ -928,7 +928,8 @@
- [goHashDumper用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现](https://github.com/crisprss/goHashDumper)
- [wxappUnpacker小程序反编译(支持分包)](https://github.com/xuedingmiaojun/wxappUnpacker)
- [MyFuzzAllfuzz、爆破字典](https://github.com/yyhuni/MyFuzzAll)
- [NPPSpy获取Windows明文密码的小工具](https://github.com/gtworek/PSBits/tree/master/PasswordStealing/NPPSpy)
- [NPPSpy获取Windows明文密码的小工具](https://github.com/gtworek/PSBits/tree/master/PasswordStealing/NPPSpy)|[CMPSpy改进版本](https://github.com/fengwenhua/CMPSpy)
- [PoC-in-GitHub收录 github 上公开的 POC 按照年份排列](https://github.com/nomi-sec/PoC-in-GitHub)
## <span id="head8"> 文章/书籍/教程相关</span>

BIN
books/浅谈Windows环境下的命令混淆.pdf Normal file
View File

Binary file not shown.