Stars
Free and Open Source, Distributed, RESTful Search Engine
Ip2region is an offline IP address manager framework and locator with both IPv4 and IPv6 supported, supporting billions of data segments, ten microsecond searching performance, xdb search client fo…
A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
Apache Log4j is a versatile, feature-rich, efficient logging API and backend for Java.
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Java web common vulnerabilities and security code which is base on springboot and spring security
a rep for documenting my study, may be from 0 to 0.1
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Share Things Related to Java - Java安全漫谈笔记相关内容
Shiro550/Shiro721 一键化利用工具,支持多种回显方式
jSQL Injection is a Java application for automatic SQL database injection.
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
AndroRAT | Remote Administrator Tool for Android OS Hacking
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。