Name: backlion
Type: User
Company: 渗透测试研究中心公众号【渗透测试研究中心】
Bio: Penetration Testing,WEB Security Research,Red Team, penetration testing and Research Center --->>http://www.cnblogs.com/backlion
Location: **成都
Blog: http://www.cnblogs.com/backlion
backlion's Projects
This repository tells you how Navicat encrypts database password.
This is a repo to tell you how Xmanager (XFtp, XShell) encrypt password. Transferred from https://github.com/DoubleLabyrinth/how-does-Xmanager-encrypt-password
A repository for learning various heap exploitation techniques.
Tutorials and Things to Do while Hunting Vulnerability.
火绒剑独立版
Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
个人整理的一些域渗透Tricks,可能有一些错误。
hyscan HengGe Team
I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016
Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
ICS/SCADA Security Resource(整合工控安全相关资源)
some people share IDA7.0!
IDA_Pro_7.2
多进程批量网站备份文件泄露扫描工具v0.2
批量网站备份文件扫描器,增加文件规则,优化内存占用
A native backdoor module for Microsoft IIS (Internet Information Services)
backdoor
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
Impacket is a collection of Python classes for working with network protocols.
The great impacket example scripts compiled for Windows
Standalone binaries for Linux/Windows of Impacket's examples
This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.dit databases.
Template-Driven AV/EDR Evasion Framework
One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/
An Information Security Reference That Doesn't Suck
Asynchronous Procedure Calls
注入JVM进程 动态获取目标进程连接的数据库