3xp10it / paper
☆12Updated 5 years ago
Related projects: ⓘ
- ☆29Updated this week
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆24Updated 5 years ago
- DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。☆46Updated 4 years ago
- Papers☆34Updated 4 years ago
- A Zhiyuan OA Collaborative Office Remote Code Execution Vulnerability on Windows☆36Updated 5 years ago
- autoType enable☆36Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆23Updated 5 years ago
- fastjson-1.2.61-RCE☆33Updated 4 years ago
- Some debug notes and exploit(not blind)☆40Updated 5 years ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆20Updated 6 years ago
- 爬取乌云所有漏洞地址,并获取所有漏洞的漏洞地址字典☆8Updated 6 years ago
- ☆19Updated 3 years ago
- CNVD-C-2019-48814 Weblogic wls9_async_response 反序列化利用工具☆38Updated 5 years ago
- CVE-2018-3252-PoC☆74Updated 5 years ago
- 针对域名/页面的接口爬取,递归模式入库☆21Updated 5 years ago
- CVE-2019-2890 WebLogic 反序列化RCE漏洞☆41Updated 4 years ago
- ☆45Updated this week
- Spring Data Commons RCE 远程命令执行漏洞☆57Updated 5 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆90Updated 4 years ago
- CVE-2018-3191 反弹shell☆16Updated 5 years ago
- Burpsuite Plugin For AES Crack☆37Updated 4 years ago
- fastjson-1.2.58-rce with h2 database☆33Updated 5 years ago
- some java code i met or i used☆29Updated 5 years ago
- ☆28Updated this week
- A collection of script tools for pentesting☆63Updated 4 years ago
- ☆58Updated this week
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆69Updated 3 years ago
- ☆11Updated 4 months ago
- ☆22Updated this week
- A fastjson payload generator☆56Updated 3 years ago
- ☆35Updated this week