this is Esonhugh Skyworship's Github
📫 How to reach me: [email protected] or Telegram
🌱 I’m currently learning Security.
Thank u for your watching and star.
Patreon - paid documents articles.
..To Be continue.
- Tencent Src - 腾讯 Src 个人主页
- CVE-2022-27103 - Element-plus show-overflow-tooltip XSS
- Kubernetes Common/Custom Resources injection Attack
- Wiz EKS Cluster Challenge WP
- Attack Code
- Kubernetes has its own "ADCS", kubernetes ceritification security -- How To Backdoor a Kubernetes in silence and more persistent?
- Docker Release Agent Escape Note - research from BlackHat2019
- Kubernetes realworld hacking - SpringCloud Heapdump => Cluster Admin
- Devstream ConfigFile Command Injection Sink
- AI Enhanced Pentesting
- Shell Script manager - ShellScriptSnippet aka SSS
- Weaponized VSCode Project workspace with python msf and other hack tools
- Ticket Master/Token Master for forged Token/Ticket/Cookie in Cloud/VirtualMachine Platforms
- Aliyun System managed Policies json and crawler
- Kubernetes low priv enumeration tool (no need service account)
- Gopherus3 Python3 gopherus
- ProxyInBrowser - XSS exploitation with Websocket, which create http proxy to relay request via victim browser
- (template) Wails + Skeleton sveltekit ui
- (template) Go Cilium ebpf prog starter
- (template) Go cobra cli tools template
- [Out of Date] Openai platform API for API Key management
- Tencent Coding API
- Common AWS like Cloud Policy parser