Learn about SSRF bypass techniques including URL encoding, domain manipulation, IP address conversion. Discover how to exploit these vulnerabilities for web app

Learn how to create a PPSX file for phishing purposes without using macros. This tutorial covers the steps to embed malicious programs in presentations, enhanci

Hostscan是一个用于网络扫描的PHP工具，主要用于信息收集和测试弱密码。它支持SSH、IMAP、MySQL等多种连接方式，并提供深度扫描功能。适用于网络安全研究者和技术爱好者。

Learn how to gather critical system information using WMIC commands in the command line. Explore tools for identifying installed patches, running services, star

Explore various methods of port rebinding in penetration testing using bash, perl, python, php, ruby, nc, and java. Learn how to establish a reverse shell conne

了解如何利用mssql注入点的命令执行漏洞获取meterpreter，掌握powershell、regsvr32、rundll32和mshta等多种注入技巧。

Phan is a PHP static analyzer that minimizes false positives by verifying type compatibility and checking various operations. It supports features like PHPDoc a

Explore advanced techniques for executing operating system commands via MSSQL, including xp_cmdshell, SP_OACreate, and more. This guide covers various methods t

Discover and learn about the Invoke-MS16-135 PowerShell implementation targeting vulnerable operating systems. This code allows you to run applications with spe

Explore the technique of using ADS for file execution during pentesting. Learn how to upload and execute files via CobaltStrike and Meterpreter, including comma

OWTF是一款强大的自动化Web渗透测试框架，支持OWASP测试指南和NIST标准。它提供灵活的风险评估、报告生成和多目标测试功能，适用于高级网络安全测试人员进行深入研究。

Discover how to execute code in MS Word without macros using DDE and DDEAUTO. Learn techniques for interactive shell access via Word documents.