├── .gitignore ├── InterpretCode ├── README.md └── jshell.txt ├── README.md ├── XSS.md ├── debugger ├── JDB.md ├── PDB.md ├── README.md ├── VSCode-NodeJS.md ├── VSCode-Python.md ├── dnspy.md └── images │ ├── assemblyattr_after.png │ ├── assemblyattr_before.png │ ├── attach.png │ ├── break.png │ ├── debug.png │ └── pause.png ├── deserialize ├── README.md ├── dotnet-XmlSerializer │ ├── MyXmlDeserializer.cs │ ├── MyXmlSerializer.cs │ ├── README.md │ ├── evil.txt │ └── xml.txt ├── php-phar │ ├── README.md │ ├── phar-jpg-poly.php │ ├── phar_generate.php │ ├── phar_test.php │ └── phar_vuln.php └── pickle │ ├── README.md │ ├── pickle_exp.py3 │ └── pickle_vul.py3 ├── jars ├── README.md ├── hsqldb.jar ├── jd-gui-1.6.6.jar └── ysoserial-0.0.6-SNAPSHOT-all.jar ├── revshells ├── pty_shell_handler.py ├── r.bash ├── r.c ├── r.java ├── r.nc ├── r.nc_openbsd ├── r.nodejs ├── r.php ├── r.pl ├── r.ps1 ├── r.py ├── r.rb ├── r.vbs ├── r.xml_msbuild ├── r2.java └── r3.java ├── sqli ├── mssqli.py ├── mssqli_threading.py ├── mysqli.py ├── mysqli_threading.py ├── pgsql │ ├── generate_sql.py │ ├── pg_exec.c │ └── readme.txt └── pgsqli.py ├── ssti ├── README.md ├── cheatsheet.txt ├── nodejs-lodash.md ├── nodejs-pug.md ├── php-twig.md ├── python-django.md └── python-jinja.md ├── utils ├── README.md ├── apiServ.py ├── brute.py ├── cmdEscape.py ├── django_crawl.py ├── fetchAuth.js ├── images │ ├── 4thread.png │ └── 64thread.png ├── ipTrans.py ├── parallel.py ├── ps.py ├── psEncode.sh ├── socketIo-client.py ├── wsclient-long.py └── wsclient-short.py └── webshells ├── shell.aspx ├── shell.jsp └── shell.php /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | 3 | -------------------------------------------------------------------------------- /InterpretCode/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/InterpretCode/README.md -------------------------------------------------------------------------------- /InterpretCode/jshell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/InterpretCode/jshell.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/README.md -------------------------------------------------------------------------------- /XSS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/XSS.md -------------------------------------------------------------------------------- /debugger/JDB.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/JDB.md -------------------------------------------------------------------------------- /debugger/PDB.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/PDB.md -------------------------------------------------------------------------------- /debugger/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/README.md -------------------------------------------------------------------------------- /debugger/VSCode-NodeJS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/VSCode-NodeJS.md -------------------------------------------------------------------------------- /debugger/VSCode-Python.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/VSCode-Python.md -------------------------------------------------------------------------------- /debugger/dnspy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/dnspy.md -------------------------------------------------------------------------------- /debugger/images/assemblyattr_after.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/assemblyattr_after.png -------------------------------------------------------------------------------- /debugger/images/assemblyattr_before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/assemblyattr_before.png -------------------------------------------------------------------------------- /debugger/images/attach.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/attach.png -------------------------------------------------------------------------------- /debugger/images/break.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/break.png -------------------------------------------------------------------------------- /debugger/images/debug.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/debug.png -------------------------------------------------------------------------------- /debugger/images/pause.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/debugger/images/pause.png -------------------------------------------------------------------------------- /deserialize/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deserialize/dotnet-XmlSerializer/MyXmlDeserializer.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/dotnet-XmlSerializer/MyXmlDeserializer.cs -------------------------------------------------------------------------------- /deserialize/dotnet-XmlSerializer/MyXmlSerializer.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/dotnet-XmlSerializer/MyXmlSerializer.cs -------------------------------------------------------------------------------- /deserialize/dotnet-XmlSerializer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/dotnet-XmlSerializer/README.md -------------------------------------------------------------------------------- /deserialize/dotnet-XmlSerializer/evil.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/dotnet-XmlSerializer/evil.txt -------------------------------------------------------------------------------- /deserialize/dotnet-XmlSerializer/xml.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/dotnet-XmlSerializer/xml.txt -------------------------------------------------------------------------------- /deserialize/php-phar/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/php-phar/README.md -------------------------------------------------------------------------------- /deserialize/php-phar/phar-jpg-poly.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/php-phar/phar-jpg-poly.php -------------------------------------------------------------------------------- /deserialize/php-phar/phar_generate.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/php-phar/phar_generate.php -------------------------------------------------------------------------------- /deserialize/php-phar/phar_test.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/php-phar/phar_test.php -------------------------------------------------------------------------------- /deserialize/php-phar/phar_vuln.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/php-phar/phar_vuln.php -------------------------------------------------------------------------------- /deserialize/pickle/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/pickle/README.md -------------------------------------------------------------------------------- /deserialize/pickle/pickle_exp.py3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/pickle/pickle_exp.py3 -------------------------------------------------------------------------------- /deserialize/pickle/pickle_vul.py3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/deserialize/pickle/pickle_vul.py3 -------------------------------------------------------------------------------- /jars/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/jars/README.md -------------------------------------------------------------------------------- /jars/hsqldb.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/jars/hsqldb.jar -------------------------------------------------------------------------------- /jars/jd-gui-1.6.6.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/jars/jd-gui-1.6.6.jar -------------------------------------------------------------------------------- /jars/ysoserial-0.0.6-SNAPSHOT-all.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/jars/ysoserial-0.0.6-SNAPSHOT-all.jar -------------------------------------------------------------------------------- /revshells/pty_shell_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/pty_shell_handler.py -------------------------------------------------------------------------------- /revshells/r.bash: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.bash -------------------------------------------------------------------------------- /revshells/r.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.c -------------------------------------------------------------------------------- /revshells/r.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.java -------------------------------------------------------------------------------- /revshells/r.nc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.nc -------------------------------------------------------------------------------- /revshells/r.nc_openbsd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.nc_openbsd -------------------------------------------------------------------------------- /revshells/r.nodejs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.nodejs -------------------------------------------------------------------------------- /revshells/r.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.php -------------------------------------------------------------------------------- /revshells/r.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.pl -------------------------------------------------------------------------------- /revshells/r.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.ps1 -------------------------------------------------------------------------------- /revshells/r.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.py -------------------------------------------------------------------------------- /revshells/r.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.rb -------------------------------------------------------------------------------- /revshells/r.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.vbs -------------------------------------------------------------------------------- /revshells/r.xml_msbuild: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r.xml_msbuild -------------------------------------------------------------------------------- /revshells/r2.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r2.java -------------------------------------------------------------------------------- /revshells/r3.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/revshells/r3.java -------------------------------------------------------------------------------- /sqli/mssqli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/mssqli.py -------------------------------------------------------------------------------- /sqli/mssqli_threading.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/mssqli_threading.py -------------------------------------------------------------------------------- /sqli/mysqli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/mysqli.py -------------------------------------------------------------------------------- /sqli/mysqli_threading.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/mysqli_threading.py -------------------------------------------------------------------------------- /sqli/pgsql/generate_sql.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/pgsql/generate_sql.py -------------------------------------------------------------------------------- /sqli/pgsql/pg_exec.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/pgsql/pg_exec.c -------------------------------------------------------------------------------- /sqli/pgsql/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/pgsql/readme.txt -------------------------------------------------------------------------------- /sqli/pgsqli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/sqli/pgsqli.py -------------------------------------------------------------------------------- /ssti/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/README.md -------------------------------------------------------------------------------- /ssti/cheatsheet.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/cheatsheet.txt -------------------------------------------------------------------------------- /ssti/nodejs-lodash.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/nodejs-lodash.md -------------------------------------------------------------------------------- /ssti/nodejs-pug.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/nodejs-pug.md -------------------------------------------------------------------------------- /ssti/php-twig.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/php-twig.md -------------------------------------------------------------------------------- /ssti/python-django.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/python-django.md -------------------------------------------------------------------------------- /ssti/python-jinja.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/ssti/python-jinja.md -------------------------------------------------------------------------------- /utils/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/README.md -------------------------------------------------------------------------------- /utils/apiServ.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/apiServ.py -------------------------------------------------------------------------------- /utils/brute.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/brute.py -------------------------------------------------------------------------------- /utils/cmdEscape.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/cmdEscape.py -------------------------------------------------------------------------------- /utils/django_crawl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/django_crawl.py -------------------------------------------------------------------------------- /utils/fetchAuth.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/fetchAuth.js -------------------------------------------------------------------------------- /utils/images/4thread.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/images/4thread.png -------------------------------------------------------------------------------- /utils/images/64thread.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/images/64thread.png -------------------------------------------------------------------------------- /utils/ipTrans.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/ipTrans.py -------------------------------------------------------------------------------- /utils/parallel.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/parallel.py -------------------------------------------------------------------------------- /utils/ps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/ps.py -------------------------------------------------------------------------------- /utils/psEncode.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/psEncode.sh -------------------------------------------------------------------------------- /utils/socketIo-client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/socketIo-client.py -------------------------------------------------------------------------------- /utils/wsclient-long.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/wsclient-long.py -------------------------------------------------------------------------------- /utils/wsclient-short.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/utils/wsclient-short.py -------------------------------------------------------------------------------- /webshells/shell.aspx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/webshells/shell.aspx -------------------------------------------------------------------------------- /webshells/shell.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tree-chtsec/oswe-tools/HEAD/webshells/shell.jsp -------------------------------------------------------------------------------- /webshells/shell.php: -------------------------------------------------------------------------------- 1 |