Name: backlion
Type: User
Company: 渗透测试研究中心公众号【渗透测试研究中心】
Bio: Penetration Testing,WEB Security Research,Red Team, penetration testing and Research Center --->>http://www.cnblogs.com/backlion
Location: **成都
Blog: http://www.cnblogs.com/backlion
backlion's Projects
一个关于PHP的代码审计项目
PHP代码审计分段讲解
该项目用来记录,我用来练手的PHP代码审计项目。
Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Position Independent Windows Shellcode Written in C
:rocket:A simple & beautiful tool for pictures uploading built by electron-vue
一个好玩的Web安全-漏洞测试平台
PingCastle - Get Active Directory Security at 80% in 20% of the time
流量转发加速工具.a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.
Network Pivoting Toolkit
Tools for Kerberos PKINIT and relaying to AD CS
Remote Access Trojan(RAT), Miner, DDoS
PoC of CVE/Exploit
常用渗透poc收集
Proofs-of-concept
Focus on cybersecurity | collection of PoC and Exploits
收集网上公开的poc于此处,包括复现过的和因为环境条件没复现过的,为日后的渗透测试提供便利
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
PoC for CVE-2018-1002105.
I'll submit the poc after blackhat
PocHubs是为了整合网上知名开源框架的漏洞详细和POC
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
Proof of Concepts for CVE-2016–3714
Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team.
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
collection poc use pocsuite framework 收集一些 poc with pocsuite框架
一款跨平台小巧的端口爆破工具,支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network