Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise

海康威视综合安防平台后渗透利用工具

基于Java实现的Shellcode加载器

Base64 encode/decode

🎉 Repo for LaWGPT, Chinese-Llama tuned with Chinese Legal knowledge. 基于中文法律知识的大语言模型

Code execution via Python package installation.

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

Docker images with PHP and xdebug installed, configured and ready to debug and profile applications in modern IDEs.

此项目为su18大佬的仓库镜像，如有问题可发issuse删库

CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。

DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerab…

60+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

A helpful Java Deserialization exploit framework.

ysoserial修改版，着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

This repo includes ChatGPT prompt curation to use ChatGPT better.

Pre-Built Vulnerable Environments Based on Docker-Compose

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

ysoserial for su18

PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers

A simple Hexo theme forked from icylogic.

PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)

fortinet auth bypass analyze and exploit

A static code analyzer for C++, C#, Lua

Vulnerabilities Scan: 15000+PoCs; 20 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty...

🔪 Scan memory for secrets and more. Maybe eventually a full /proc toolkit.

S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE