爆破字典

信息收集自动化工具

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

Tool for Active Directory Certificate Services enumeration and abuse

TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。

记录自己编写、修改的部分工具

BloodyAD is an Active Directory Privilege Escalation Framework

A flexible scanner

New generation of wmiexec.py

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

一款针对向日葵的识别码和验证码提取工具

Sudo Baron Samedit Exploit

利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码

A tool to make socks connections through HTTP agents

Tools for Kerberos PKINIT and relaying to AD CS

灯塔（最新版）指纹添加脚本！

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.

Apache Shiro 反序列化漏洞检测与利用工具

Just another Powerview alternative

EyeJo是一款自动化资产风险评估平台，可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查，快速发现存在的薄弱点和攻击面。

批量网站备份文件扫描器，增加文件规则，优化内存占用

利用NTLM Hash读取Exchange邮件

A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Confluence Server Webwork OGNL injection

Shiro-721 RCE Via RememberMe Padding Oracle Attack

通过脉脉用户猜测企业邮箱

多进程批量网站备份文件泄露扫描工具v0.2

NTLM relay test.

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell