1925 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
copilot-swe-agent[bot]	9dbe151956	Add UnDefend Windows Defender DOS tool to README after RedSun entry ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/78e54fc4-2a65-4553-b928-2e3cc9ef113b Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-20 02:29:29 +00:00
github-actions[bot]	d1d9dfa08f	docs: 更新 1 篇文章 - 天地伟业Easy7 getInquestRoomChannelInfo SQL注入漏洞 [skip ci]	2026-04-19 03:29:25 +00:00
Copilot	99c6ce643e	Add raptor to tools section in README (#55)	2026-04-19 10:16:40 +08:00
东方有鱼名为咸	af1242f9a2	Add link to ultimate code audit checklist	2026-04-18 21:24:11 +08:00
Copilot	cbaa44afc6	docs: 补充 CVE-2026-0827 和 BlueSAM 到 README (#54) ... README.md 新增 2 条工具/漏洞链接 1. 提权辅助相关 章节末尾新增 CVE-2026-0827（ZeroMemoryEx/CVE-2026-0827） Lenovo LdeApi.Server.exe 无模拟写文件本地提权漏洞 低权限用户可创建 NTFS junction，使服务以 SYSTEM 权限向任意位置写文件 归类于 Windows 本地提权漏洞 2. tools 工具集 章节（BOF-RegSave 条目之后）新增 BlueSAM（incursi0n/BlueSAM） BlueHammer 的 Cobalt Strike Beacon Object File (BOF) 移植版 利用 Windows Defender 更新/VSS 行为获取 SAM 数据库副本 可在 Beacon 中直接离线解析注册表数据，获取系统凭据	2026-04-18 11:07:56 +08:00
github-actions[bot]	0d086bdec4	docs: 更新 1 篇文章 - 天地伟业Easy7 getInquestIdByRoomId SQL注入漏洞 [skip ci]	2026-04-18 02:54:11 +00:00
github-actions[bot]	d6cb39a114	docs: 更新 1 篇文章 - 天地伟业Easy7 GetOtherDomainServer.jsp SSRF漏洞 [skip ci]	2026-04-17 03:22:35 +00:00
Copilot	cb896221ac	Add RedSun Windows Defender privilege escalation link to README (#53)	2026-04-17 09:49:25 +08:00
github-actions[bot]	582a9726a7	docs: 更新 1 篇文章 - mdserver-web(夸父面板)≤0.18.4 多处未授权访问 + 信息泄露 + RCE 漏洞分析 [skip ci]	2026-04-16 14:01:47 +00:00
github-actions[bot]	2dfb62b8f5	docs: 更新 1 篇文章 - 天地伟业Easy7 UploadOwnerImage.jsp 文件上传漏洞 [skip ci]	2026-04-16 03:27:45 +00:00
Copilot	e23ed5b544	Add anything-analyzer to tools section in README (#52) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0d7c52b9-4dce-4210-bb28-f0d780fbaee4 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-15 22:48:42 +08:00
Copilot	213bb5caaa	Add nano-analyzer and Tomcat JMX→RCE resources to README (#51) ... * Add nano-analyzer and Tomcat JMX Proxy RCE resources to README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/10587f92-8a1b-4275-bb6b-c0472d2e5efd Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> * Append jmx2rce exploit tool link to existing Tomcat JMX entry in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0084ec9b-4dfc-4ef7-83f6-9b35c9422faa Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-15 16:35:17 +08:00
github-actions[bot]	c9c71cecd6	docs: 更新 1 篇文章 - 天地伟业Easy7 queryRoomConfigs SQL注入漏洞 [skip ci]	2026-04-15 03:19:27 +00:00
github-actions[bot]	cba31362d6	docs: 更新 1 篇文章 - 天地伟业Easy7 queryRoomName SQL注入漏洞 [skip ci]	2026-04-14 03:21:26 +00:00
github-actions[bot]	3c5af3eb9f	docs: 更新 1 篇文章 - 孚盟云CRM FormDefault.aspx、FormDefaultCommon.aspx 多处SQL注入漏洞 [skip ci]	2026-04-12 03:24:49 +00:00
Copilot	4c30648d1d	Add SysWhispers4 link to README near SysWhispers3 entry (#50)	2026-04-11 13:16:03 +08:00
Copilot	273a06748f	Add ysogate link to README near ysomap entry (#49)	2026-04-11 13:00:07 +08:00
Copilot	b93fdde47a	Add Rockxy HTTP debugging proxy tool to README tools section (#48)	2026-04-11 12:44:45 +08:00
github-actions[bot]	884331370c	docs: 更新 1 篇文章 - 孚盟云CRM OrderLook.aspx SQL注入漏洞 [skip ci]	2026-04-11 02:46:12 +00:00
github-actions[bot]	51bb3d92fd	docs: 更新 1 篇文章 - 孚盟云CRM AddInquiry.aspx SQL注入漏洞 [skip ci]	2026-04-10 03:21:14 +00:00
github-actions[bot]	387ee9aae6	docs: 更新 1 篇文章 - 孚盟云CRM WorkFlowHandler.ashx SQL注入漏洞 [skip ci]	2026-04-09 02:49:50 +00:00
github-actions[bot]	688b8b4b14	docs: 更新 1 篇文章 - 孚盟云CRM PriceList.ashx SQL注入漏洞 [skip ci]	2026-04-08 02:55:26 +00:00
Copilot	7b64bc1ce5	Add Podroid to IOT Device & Mobile Phone section in README (#47) ... * Initial plan * Add Podroid link to IOT Device&Mobile Phone section in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/b5771060-bd05-4d2a-bc4e-57b1f29b476d Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-07 13:26:03 +08:00
github-actions[bot]	36dda054e5	docs: 更新 1 篇文章 - 孚盟云CRM DingHandler.ashx SQL注入漏洞 [skip ci]	2026-04-07 02:53:55 +00:00
github-actions[bot]	4f9073561e	docs: 更新 1 篇文章 - 孚盟云CRM AjaxTrackInfo.ashx SQL注入漏洞 [skip ci]	2026-04-06 03:20:36 +00:00
Copilot	feda568324	Add Shannon-related security tools to README (#46) ... * Initial plan * docs: 添加 FirmWire (Samsung Shannon 基带固件动态分析平台) 到 IOT 部分 Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/b15a0865-f34e-4dc0-9983-d2a560701369 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> * docs: 添加 shannon AI渗透测试工具 (KeygraphHQ/shannon) 到 Web APP 部分 Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/104eb426-4d68-4f03-a5a0-572d698ed826 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-06 09:16:49 +08:00
github-actions[bot]	ebad1a9fee	docs: 更新 1 篇文章 - CLIProxyAPI /v1internal:method 未授权访问漏洞 [skip ci]	2026-04-03 18:56:39 +00:00
Copilot	cceacd84f5	Add kslkatz_bof link to README tools section (#45) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/c1f4457b-1dc8-43de-9e0c-7958d46bc1b5 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-03 19:53:58 +08:00
github-actions[bot]	f4e909ebf8	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 SetDataSource.aspx SQL注入漏洞 [skip ci]	2026-04-03 05:11:39 +00:00
Copilot	374fd13386	Add vphone-aio to IOT Device & Mobile Phone section (#44)	2026-04-03 10:21:30 +08:00
github-actions[bot]	e0f4448fe3	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 ChooseImage.aspx 任意文件上传/删除漏洞 [skip ci]	2026-04-02 05:09:16 +00:00
Copilot	9a6e8fb48d	Add Payloader to tools section in README (#43) ... * Initial plan * Add Payloader to tools section in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0cbea200-6db5-4e67-808a-cba3a2d6f4f8 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-02 12:50:15 +08:00
Copilot	c6fd74206f	Add clawgod to tools section in README (#42)	2026-04-02 10:02:31 +08:00
Copilot	e420c21808	Add trajan CI/CD pipeline security scanner to tools section in README (#41) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/6d26a157-3628-4a26-89af-0cf134c24643 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-02 08:37:39 +08:00
github-actions[bot]	21e4ead453	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 AutoComplete.ashx SQL注入漏洞 [skip ci]	2026-04-01 07:43:53 +00:00
github-actions[bot]	b712c5a62f	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 CreateMenus.aspx 任意文件上传漏洞 [skip ci]	2026-03-31 05:16:21 +00:00
github-actions[bot]	f05665bd3d	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 UploadHander.ashx 文件上传漏洞 [skip ci]	2026-03-29 07:13:24 +00:00
Copilot	8e29dd97ad	Add ProcIR Windows incident response tool to README (#40)	2026-03-29 00:35:55 +08:00
github-actions[bot]	797e3b6608	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 TestManagePlatform.ashx SQL注入漏洞 [skip ci]	2026-03-28 07:06:40 +00:00
github-actions[bot]	575f274647	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 PrintUpdate.ashx 任意文件读取/上传/删除漏洞 [skip ci]	2026-03-27 07:18:08 +00:00
github-actions[bot]	d7688b33cf	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/MobileAppLogin.ashx SQL注入漏洞 [skip ci]	2026-03-26 07:19:10 +00:00
github-actions[bot]	0b33df2096	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 DownLoad.aspx 任意文件读取漏洞 [skip ci]	2026-03-26 02:51:06 +00:00
github-actions[bot]	80c4af86bd	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/FileSync.ashx 任意文件读取/上传/删除/SSRF等多个漏洞 [skip ci]	2026-03-25 07:11:34 +00:00
Copilot	45eb8b13f2	Add DarkSword iOS exploit repositories to README (#37) ... * Initial plan * Add DarkSword iOS exploit repos to README.md Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/49960825-7dde-4747-8ff5-5739ab1bc747 --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-03-24 19:56:40 +08:00
github-actions[bot]	91b5bf61b5	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 UploadPortraits.ashx 文件上传漏洞 [skip ci]	2026-03-24 07:13:14 +00:00
github-actions[bot]	13723b69ef	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 EquipmentTree.ashx SQL注入漏洞 [skip ci]	2026-03-24 05:00:02 +00:00
github-actions[bot]	eca771df84	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 /Handler/SMTLoadingMaterial.ashx SQL注入漏洞 [skip ci]	2026-03-23 07:20:51 +00:00
github-actions[bot]	a03ac05fc3	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 ChooseLineAndRes.ashx SQL 注入漏洞 [skip ci]	2026-03-22 13:04:57 +00:00
Copilot	860953919c	Add ByPassTamperPlus to README.md (#36) ... * Initial plan * Add ByPassTamperPlus to README.md sqlmap tamper section Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-03-20 20:28:19 +08:00
github-actions[bot]	99e3141538	docs: 更新 1 篇文章 - 深信服运维安全管理系统 upload_CN 远程命令执行漏洞 [skip ci]	2026-03-20 02:36:53 +00:00