1943 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
github-actions[bot]	bff8f1fe13	docs: 更新 1 篇文章 - 天地伟业Easy7 /Easy7/rest/file/deleteFile 文件删除漏洞 [skip ci]	2026-05-07 03:41:32 +00:00
github-actions[bot]	806f6470b1	docs: 更新 1 篇文章 - 天地伟业Easy7 /Easy7/rest/file/uploadFile 文件上传漏洞 [skip ci]	2026-05-06 03:41:59 +00:00
Copilot	70006014fc	docs: add Pentest-Swarm-AI to README tools section (#59)	2026-05-03 12:16:56 +08:00
Copilot	793ee1744a	docs: add GBitsTools, GbitsGen, ghost-bits-lab, BLACKHAT_Asia2026 to README (#58) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0849d964-f623-4c6b-ba08-14871344023b Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-05-01 14:11:12 +08:00
github-actions[bot]	db611dcf17	docs: 更新 1 篇文章 - 孚盟云CRM BusinessPriceListList.aspx SQL注入漏洞 [skip ci]	2026-05-01 03:54:57 +00:00
东方有鱼名为咸	46e8295c0b	add Asia-26-Bai-Cast-Attack-Ghost-Bits-4.23.pdf	2026-04-30 20:44:55 +08:00
Copilot	e0a901b72a	Add Java Ghost Bits (Black Hat Asia 2026) links to IOT section (#57) ... * add Cast Attack Ghost Bits links to IOT section in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/2e561877-1b4a-42d6-bac7-b9c5b95a091e Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> * Update README with new links and resources * Update README with new CVE links and descriptions --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> Co-authored-by: 东方有鱼名为咸 <Mr-xn@users.noreply.github.com>	2026-04-30 20:23:42 +08:00
github-actions[bot]	eb74e0c978	docs: 更新 1 篇文章 - 孚盟云CRM BusinessPrice.aspx SQL注入漏洞 [skip ci]	2026-04-30 03:42:16 +00:00
github-actions[bot]	0451098613	docs: 更新 1 篇文章 - 孚盟云CRM ClientNameCard.aspx SQL注入漏洞 [skip ci]	2026-04-29 03:40:54 +00:00
github-actions[bot]	9dc3e13da4	docs: 更新 1 篇文章 - 孚盟云CRM CustomizeReportSelectMould.aspx SQL注入漏洞 [skip ci]	2026-04-28 03:43:08 +00:00
github-actions[bot]	40804140d2	docs: 更新 1 篇文章 - 天地伟业Easy7 /Easy7/rest/file/uploadIdsHttpFile SSRF+文件写入漏洞 [skip ci]	2026-04-27 03:38:30 +00:00
github-actions[bot]	bba9ddc6ec	docs: 更新 1 篇文章 - 天地伟业Easy7 /Easy7/rest/file/downloadFile 文件读取漏洞 [skip ci]	2026-04-26 03:34:37 +00:00
github-actions[bot]	3aa177c891	docs: 更新 1 篇文章 - 天地伟业Easy7 /Easy7/rest/file/delete 文件删除漏洞 [skip ci]	2026-04-25 02:56:06 +00:00
github-actions[bot]	abc6deb9f8	docs: 更新 1 篇文章 - 天地伟业Easy7 uploadLedImage 文件上传漏洞 [skip ci]	2026-04-24 03:27:41 +00:00
github-actions[bot]	3ba9403508	docs: 更新 1 篇文章 - 天地伟业Easy7 capture 命令执行漏洞 [skip ci]	2026-04-23 03:25:20 +00:00
github-actions[bot]	b530c68d19	docs: 更新 1 篇文章 - 天地伟业Easy7 getConfigInfoList SQL注入漏洞 [skip ci]	2026-04-22 03:21:56 +00:00
github-actions[bot]	d68b23a952	docs: 更新 1 篇文章 - 天地伟业Easy7 isHashCameraAuth SQL注入漏洞 [skip ci]	2026-04-21 03:23:23 +00:00
Copilot	6568d59c42	Add UnDefend Windows Defender DOS tool to README after RedSun entry (#56)	2026-04-20 19:35:42 +08:00
github-actions[bot]	a94ecb72f9	docs: 更新 1 篇文章 - V2Board 信息泄露漏洞至权限绕过接管账户（CVE-2026-39912）分析复现 [skip ci]	2026-04-20 03:31:46 +00:00
github-actions[bot]	d1d9dfa08f	docs: 更新 1 篇文章 - 天地伟业Easy7 getInquestRoomChannelInfo SQL注入漏洞 [skip ci]	2026-04-19 03:29:25 +00:00
Copilot	99c6ce643e	Add raptor to tools section in README (#55)	2026-04-19 10:16:40 +08:00
东方有鱼名为咸	af1242f9a2	Add link to ultimate code audit checklist	2026-04-18 21:24:11 +08:00
Copilot	cbaa44afc6	docs: 补充 CVE-2026-0827 和 BlueSAM 到 README (#54) ... README.md 新增 2 条工具/漏洞链接 1. 提权辅助相关 章节末尾新增 CVE-2026-0827（ZeroMemoryEx/CVE-2026-0827） Lenovo LdeApi.Server.exe 无模拟写文件本地提权漏洞 低权限用户可创建 NTFS junction，使服务以 SYSTEM 权限向任意位置写文件 归类于 Windows 本地提权漏洞 2. tools 工具集 章节（BOF-RegSave 条目之后）新增 BlueSAM（incursi0n/BlueSAM） BlueHammer 的 Cobalt Strike Beacon Object File (BOF) 移植版 利用 Windows Defender 更新/VSS 行为获取 SAM 数据库副本 可在 Beacon 中直接离线解析注册表数据，获取系统凭据	2026-04-18 11:07:56 +08:00
github-actions[bot]	0d086bdec4	docs: 更新 1 篇文章 - 天地伟业Easy7 getInquestIdByRoomId SQL注入漏洞 [skip ci]	2026-04-18 02:54:11 +00:00
github-actions[bot]	d6cb39a114	docs: 更新 1 篇文章 - 天地伟业Easy7 GetOtherDomainServer.jsp SSRF漏洞 [skip ci]	2026-04-17 03:22:35 +00:00
Copilot	cb896221ac	Add RedSun Windows Defender privilege escalation link to README (#53)	2026-04-17 09:49:25 +08:00
github-actions[bot]	582a9726a7	docs: 更新 1 篇文章 - mdserver-web(夸父面板)≤0.18.4 多处未授权访问 + 信息泄露 + RCE 漏洞分析 [skip ci]	2026-04-16 14:01:47 +00:00
github-actions[bot]	2dfb62b8f5	docs: 更新 1 篇文章 - 天地伟业Easy7 UploadOwnerImage.jsp 文件上传漏洞 [skip ci]	2026-04-16 03:27:45 +00:00
Copilot	e23ed5b544	Add anything-analyzer to tools section in README (#52) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0d7c52b9-4dce-4210-bb28-f0d780fbaee4 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-15 22:48:42 +08:00
Copilot	213bb5caaa	Add nano-analyzer and Tomcat JMX→RCE resources to README (#51) ... * Add nano-analyzer and Tomcat JMX Proxy RCE resources to README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/10587f92-8a1b-4275-bb6b-c0472d2e5efd Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> * Append jmx2rce exploit tool link to existing Tomcat JMX entry in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0084ec9b-4dfc-4ef7-83f6-9b35c9422faa Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-15 16:35:17 +08:00
github-actions[bot]	c9c71cecd6	docs: 更新 1 篇文章 - 天地伟业Easy7 queryRoomConfigs SQL注入漏洞 [skip ci]	2026-04-15 03:19:27 +00:00
github-actions[bot]	cba31362d6	docs: 更新 1 篇文章 - 天地伟业Easy7 queryRoomName SQL注入漏洞 [skip ci]	2026-04-14 03:21:26 +00:00
github-actions[bot]	3c5af3eb9f	docs: 更新 1 篇文章 - 孚盟云CRM FormDefault.aspx、FormDefaultCommon.aspx 多处SQL注入漏洞 [skip ci]	2026-04-12 03:24:49 +00:00
Copilot	4c30648d1d	Add SysWhispers4 link to README near SysWhispers3 entry (#50)	2026-04-11 13:16:03 +08:00
Copilot	273a06748f	Add ysogate link to README near ysomap entry (#49)	2026-04-11 13:00:07 +08:00
Copilot	b93fdde47a	Add Rockxy HTTP debugging proxy tool to README tools section (#48)	2026-04-11 12:44:45 +08:00
github-actions[bot]	884331370c	docs: 更新 1 篇文章 - 孚盟云CRM OrderLook.aspx SQL注入漏洞 [skip ci]	2026-04-11 02:46:12 +00:00
github-actions[bot]	51bb3d92fd	docs: 更新 1 篇文章 - 孚盟云CRM AddInquiry.aspx SQL注入漏洞 [skip ci]	2026-04-10 03:21:14 +00:00
github-actions[bot]	387ee9aae6	docs: 更新 1 篇文章 - 孚盟云CRM WorkFlowHandler.ashx SQL注入漏洞 [skip ci]	2026-04-09 02:49:50 +00:00
github-actions[bot]	688b8b4b14	docs: 更新 1 篇文章 - 孚盟云CRM PriceList.ashx SQL注入漏洞 [skip ci]	2026-04-08 02:55:26 +00:00
Copilot	7b64bc1ce5	Add Podroid to IOT Device & Mobile Phone section in README (#47) ... * Initial plan * Add Podroid link to IOT Device&Mobile Phone section in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/b5771060-bd05-4d2a-bc4e-57b1f29b476d Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-07 13:26:03 +08:00
github-actions[bot]	36dda054e5	docs: 更新 1 篇文章 - 孚盟云CRM DingHandler.ashx SQL注入漏洞 [skip ci]	2026-04-07 02:53:55 +00:00
github-actions[bot]	4f9073561e	docs: 更新 1 篇文章 - 孚盟云CRM AjaxTrackInfo.ashx SQL注入漏洞 [skip ci]	2026-04-06 03:20:36 +00:00
Copilot	feda568324	Add Shannon-related security tools to README (#46) ... * Initial plan * docs: 添加 FirmWire (Samsung Shannon 基带固件动态分析平台) 到 IOT 部分 Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/b15a0865-f34e-4dc0-9983-d2a560701369 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> * docs: 添加 shannon AI渗透测试工具 (KeygraphHQ/shannon) 到 Web APP 部分 Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/104eb426-4d68-4f03-a5a0-572d698ed826 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-06 09:16:49 +08:00
github-actions[bot]	ebad1a9fee	docs: 更新 1 篇文章 - CLIProxyAPI /v1internal:method 未授权访问漏洞 [skip ci]	2026-04-03 18:56:39 +00:00
Copilot	cceacd84f5	Add kslkatz_bof link to README tools section (#45) ... Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/c1f4457b-1dc8-43de-9e0c-7958d46bc1b5 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-03 19:53:58 +08:00
github-actions[bot]	f4e909ebf8	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 SetDataSource.aspx SQL注入漏洞 [skip ci]	2026-04-03 05:11:39 +00:00
Copilot	374fd13386	Add vphone-aio to IOT Device & Mobile Phone section (#44)	2026-04-03 10:21:30 +08:00
github-actions[bot]	e0f4448fe3	docs: 更新 1 篇文章 - 深科特 LEAN MES系统 ChooseImage.aspx 任意文件上传/删除漏洞 [skip ci]	2026-04-02 05:09:16 +00:00
Copilot	9a6e8fb48d	Add Payloader to tools section in README (#43) ... * Initial plan * Add Payloader to tools section in README Agent-Logs-Url: https://github.com/Mr-xn/Penetration_Testing_POC/sessions/0cbea200-6db5-4e67-808a-cba3a2d6f4f8 Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Mr-xn <18260135+Mr-xn@users.noreply.github.com>	2026-04-02 12:50:15 +08:00