#
Lists (9)
Starred repositories
62
stars
written in Java
Clear filter
微信开发 Java SDK ,支持包括微信支付,开放平台,小程序,企业微信,视频号,公众号等的后端开发
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
XPay个人免签收款支付系统 完全免费 资金直接到达本人账号 支持 支付宝 微信 QQ 云闪付 无需备案 无需签约 无需挂机监控APP 无需插件 无需第三方支付SDK 无需营业执照身份证 只需收款码 搞定支付流程 现已支持移动端支付
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Java web common vulnerabilities and security code which is base on springboot and spring security
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
This is the public repository for the CFR Java decompiler
a rep for documenting my study, may be from 0 to 0.1
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
An easy-to-learn/use static analysis framework for Java
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件