├── .gitattributes ├── AssetInfoColl ├── AssetInfoColl.py ├── Help.png ├── README.md ├── Readme.png └── lib │ ├── 1 │ ├── GetAssetInfo.py │ └── GetSubDomain.py ├── README.md ├── 安全知识库-漏洞修复指南.pdf ├── 工具使用 ├── GetSubDomain_V0.1.py ├── Netcat工具使用技巧.docx ├── Windows 证书签名的伪造.docx └── 正向连接与反向连接.docx └── 漏洞复现 ├── Apache Tomcat AJP(CVE-2020-1938)文件包含漏洞复现.docx ├── CVE-2019-0708远程桌面代码执行漏洞复现.docx ├── CVE-2020-0796远程桌面代码执行漏洞复现.docx ├── CVE-2020-14882漏洞复现.docx ├── DNS域传送漏洞复现.docx ├── DirtyCow提权漏洞复现(CVE-2016-5195).docx ├── Docker逃逸漏洞复现(CVE-2019-5736).docx ├── Fastjson 1.2.24 远程命令执行漏洞复现.docx ├── Fastjson 1.2.47 远程命令执行漏洞复现.docx ├── GitLab任意文件读取漏洞复现(CVE-2020-10977).docx ├── Shiro1.2.4 反序列化命令执行漏洞复现.docx ├── Struts2 S2-061 远程命令执行漏洞(CVE-2020-17530)复现.docx ├── Windows TCP IP(CVE-2020-16898)远程代码执行漏洞复现.docx ├── 未授权访问漏洞复现合集.docx └── 永恒之蓝(MS17-010)漏洞复现.docx /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/.gitattributes -------------------------------------------------------------------------------- /AssetInfoColl/AssetInfoColl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/AssetInfoColl.py -------------------------------------------------------------------------------- /AssetInfoColl/Help.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/Help.png -------------------------------------------------------------------------------- /AssetInfoColl/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/README.md -------------------------------------------------------------------------------- /AssetInfoColl/Readme.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/Readme.png -------------------------------------------------------------------------------- /AssetInfoColl/lib/1: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /AssetInfoColl/lib/GetAssetInfo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/lib/GetAssetInfo.py -------------------------------------------------------------------------------- /AssetInfoColl/lib/GetSubDomain.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/AssetInfoColl/lib/GetSubDomain.py -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/README.md -------------------------------------------------------------------------------- /安全知识库-漏洞修复指南.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/安全知识库-漏洞修复指南.pdf -------------------------------------------------------------------------------- /工具使用/GetSubDomain_V0.1.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/工具使用/GetSubDomain_V0.1.py -------------------------------------------------------------------------------- /工具使用/Netcat工具使用技巧.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/工具使用/Netcat工具使用技巧.docx -------------------------------------------------------------------------------- /工具使用/Windows 证书签名的伪造.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/工具使用/Windows 证书签名的伪造.docx -------------------------------------------------------------------------------- /工具使用/正向连接与反向连接.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/工具使用/正向连接与反向连接.docx -------------------------------------------------------------------------------- /漏洞复现/Apache Tomcat AJP(CVE-2020-1938)文件包含漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Apache Tomcat AJP(CVE-2020-1938)文件包含漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/CVE-2019-0708远程桌面代码执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/CVE-2019-0708远程桌面代码执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/CVE-2020-0796远程桌面代码执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/CVE-2020-0796远程桌面代码执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/CVE-2020-14882漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/CVE-2020-14882漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/DNS域传送漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/DNS域传送漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/DirtyCow提权漏洞复现(CVE-2016-5195).docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/DirtyCow提权漏洞复现(CVE-2016-5195).docx -------------------------------------------------------------------------------- /漏洞复现/Docker逃逸漏洞复现(CVE-2019-5736).docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Docker逃逸漏洞复现(CVE-2019-5736).docx -------------------------------------------------------------------------------- /漏洞复现/Fastjson 1.2.24 远程命令执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Fastjson 1.2.24 远程命令执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/Fastjson 1.2.47 远程命令执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Fastjson 1.2.47 远程命令执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/GitLab任意文件读取漏洞复现(CVE-2020-10977).docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/GitLab任意文件读取漏洞复现(CVE-2020-10977).docx -------------------------------------------------------------------------------- /漏洞复现/Shiro1.2.4 反序列化命令执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Shiro1.2.4 反序列化命令执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/Struts2 S2-061 远程命令执行漏洞(CVE-2020-17530)复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Struts2 S2-061 远程命令执行漏洞(CVE-2020-17530)复现.docx -------------------------------------------------------------------------------- /漏洞复现/Windows TCP IP(CVE-2020-16898)远程代码执行漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/Windows TCP IP(CVE-2020-16898)远程代码执行漏洞复现.docx -------------------------------------------------------------------------------- /漏洞复现/未授权访问漏洞复现合集.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/未授权访问漏洞复现合集.docx -------------------------------------------------------------------------------- /漏洞复现/永恒之蓝(MS17-010)漏洞复现.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jeansgit/Pentest/HEAD/漏洞复现/永恒之蓝(MS17-010)漏洞复现.docx --------------------------------------------------------------------------------