Stars
《Hello 算法》:动画图解、一键运行的数据结构与算法教程。支持简中、繁中、English、日本語,提供 Python, Java, C++, C, C#, JS, Go, Swift, Rust, Ruby, Kotlin, TS, Dart 等代码实现
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
A library that provides access to Android hidden APIs and internal resources.
Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
LSPass: Bypass restrictions on non-SDK interfaces
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
xposed安卓虚拟摄像头 android virtual camera on xposed hook
SEKIRO is a multi-language, distributed, network topology-independent service publishing platform. By writing handlers in their respective languages, functionalities can be published to the central…
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。
SHELLING - a comprehensive OS command injection payload generator
fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java