Starred repositories
Code Repository for CISSP®️ Certification Domain 4: Communication and Network Security Video Boot Camp 2019, published by Packt
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.
A root exploit for CVE-2022-0847 (Dirty Pipe)
Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.
A collaborative, multi-platform, red teaming framework
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
Bandit is a tool designed to find common security issues in Python code.
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
Microsoft » Windows 10 : Security Vulnerabilities
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Apache Dubbo Hessian2 CVE-2021-43297 demo
CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.