AdministratorGithub
Follow
Stars
Ghidra is a software reverse engineering (SRE) framework
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
MDUT - Multiple Database Utilization Tools
Shiro550/Shiro721 一键化利用工具,支持多种回显方式
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.…
Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)
Log4j2 RCE Passive Scanner plugin for BurpSuite
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).