## 攻击与利用 / penetration_test

1. [CDK](#cdk)
2. [Viper](#viper)
3. [MDUT](#mdut)
4. [Redis-Rogue-Server](#redis-rogue-server)
5. [MysqlT](#mysqlt)

----------------------------------------

### [CDK](detail/CDK.md)
![Author](https://img.shields.io/badge/Author-cdkteam-orange)
![Language](https://img.shields.io/badge/Language-CDK-blue)
![GitHub stars](https://img.shields.io/github/stars/cdk-team/CDK.svg?style=flat&logo=github)
![Version](https://img.shields.io/badge/Version-V1.0.4-red)

<https://github.com/cdk-team/CDK>

CDK是一款为容器环境定制的渗透测试工具，在已攻陷的容器内部提供零依赖的常用命令及PoC/EXP。集成Docker/K8s场景特有的逃逸、横向移动、持久化利用方式，插件化管理。

### [Viper](detail/Viper.md)
![Author](https://img.shields.io/badge/Author-FunnyWolf-orange)
![Language](https://img.shields.io/badge/Language-JS/Python-blue)
![GitHub stars](https://img.shields.io/github/stars/FunnyWolf/Viper.svg?style=flat&logo=github)
![Version](https://img.shields.io/badge/Version-V1.5.5-red)

<https://github.com/FunnyWolf/Viper>

VIPER是一款图形化内网渗透工具,将内网渗透过程中常用的战术及技术进行模块化及武器化。

### [MDUT](detail/MDUT.md)
![Author](https://img.shields.io/badge/Author-Ch1ngg-orange)
![Language](https://img.shields.io/badge/Language-Java-blue)
![GitHub stars](https://img.shields.io/github/stars/SafeGroceryStore/MDUT.svg?style=flat&logo=github)
![Version](https://img.shields.io/badge/Version-V2.0.7-red)

<https://github.com/SafeGroceryStore/MDUT>

MDUT 全称 Multiple Database Utilization Tools，旨在将常见的数据库利用手段集合在一个程序中，打破各种数据库利用工具需要各种环境导致使用相当不便的隔阂；MDUT 使用 Java 开发，支持跨平台使用。

### [Redis-Rogue-Server](detail/Redis-Rogue-Server.md)
![Author](https://img.shields.io/badge/Author-Dliv3-orange)
![Language](https://img.shields.io/badge/Language-Python-blue)
![GitHub stars](https://img.shields.io/github/stars/Dliv3/redis-rogue-server.svg?style=flat&logo=github)
![Version](https://img.shields.io/badge/Version-V1.0.0-red)

<https://github.com/Dliv3/redis-rogue-server>

Redis 4.x/Redis 5.x RCE利用脚本. 项目最初来源于 <https://github.com/n0b0dyCN/redis-rogue-server>

### [MysqlT](detail/MysqlT.md)
![Author](https://img.shields.io/badge/Author-BeichenDream-orange)
![Language](https://img.shields.io/badge/Language-C%23-blue)
![GitHub stars](https://img.shields.io/github/stars/BeichenDream/MysqlT.svg?style=flat&logo=github)
![Version](https://img.shields.io/badge/Version-V1.0.0-red)

<https://github.com/BeichenDream/MysqlT>

伪造Myslq服务端,并利用Mysql逻辑漏洞来获取客户端的任意文件反击攻击。