Starred repositories
31
stars
written in Java
Clear filter
Ghidra is a software reverse engineering (SRE) framework
Free universal database tool and SQL client
ZXing ("Zebra Crossing") barcode scanning library for Java, Android
A distributed task scheduling framework.(分布式任务调度平台XXL-JOB)
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
[Archived, FORK: https://github.com/NihilityT/MiPushFramework] Let supported push service run system-ly on every Android devices
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
a webshell resides in the memory of java web server
Burp Plugin to decrypt AES encrypted traffic on the fly
🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
Plugin for Ghidra to assist reversing Golang binaries
一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密
tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!
Analyze Golang with Ghidra
PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app
🔥 微信红包 | 自动抢红包 采用AccessibilityService实现免root 适配至最新微信7.0.0版本