Java代码审计学习笔记
☆13Dec 20, 2024Updated last year
Alternatives and similar repositories for JavaSecurity
Users that are interested in JavaSecurity are comparing it to the libraries listed below
Sorting:
- PHP代码审计案例-1000PHP☆27Aug 20, 2024Updated last year
- 零基础Java安全学习笔记☆57Dec 6, 2025Updated 3 months ago
- php webshell bypass D盾、safedog、360、火绒等,仅支持php7☆18Aug 25, 2025Updated 6 months ago
- 禅道认证绕过后台命令执行Getshell☆13Jan 8, 2025Updated last year
- 一款用Go实现的批量加载漏洞检测插件进行多线程扫描的框架。☆11Jan 20, 2024Updated 2 years ago
- 一个信息收集超超超级缝合工具,目前集成OneForAll,FScan,Xray,Xpoc,VulMap,EnScan,AfRog,FOFA-Api。☆15Aug 31, 2023Updated 2 years ago
- java代码审计笔记☆21Jun 8, 2024Updated last year
- 一个多源漏洞情报聚合工具,能够从多个权威安全数据源爬取漏洞信息,去重后生成结构化报告。支持自定义时间范围查询、多格式输出和自动化定时任务。☆29Updated this week
- 一款基于 AI 大模型的 WebShell 自动生成工具,支持自动迭代优化,集成河马查杀和阿里云伏魔平台检测。☆17Feb 5, 2026Updated last month
- 整理容器逃逸相关的漏洞和exploits.☆15Apr 17, 2024Updated last year
- 一些jar包相关的漏洞☆26Sep 24, 2024Updated last year
- DLL Unhooking☆13Mar 26, 2021Updated 4 years ago
- 新免杀方向 Mimikatz(猕猴桃) 免杀 360,火绒,电脑管家,WindowsDefinder,详细使用教程请参考博客:https://www.vpss.cc/381.html☆25Mar 4, 2024Updated 2 years ago
- 免杀☆12May 6, 2024Updated last year
- Xinjing-LM 是一个专注于心理健康领域的智能助手,基于 Qwen 模型进行微调和优化,旨在理解复杂的心理学知识、生成高质量文本并支持多轮对话。通过数据蒸馏、指令微调和多轮对话构建等技术,Xinjing-LM 在心理健康场景中表现出色,能够为用户提供准确、流畅且逻辑严…☆51Feb 21, 2025Updated last year
- iis高版本短文件名猜解脚本,适用于iis7.5~10.x版本的iis中间件。☆68Apr 6, 2025Updated 11 months ago
- CVE-2024-21006 exp☆17Jul 29, 2024Updated last year
- 基于load data逻辑漏洞的Mysql蜜罐☆23Jul 14, 2025Updated 8 months ago
- 一款根据pom.xml获取引用的第三方组件的版本号并识别组件漏洞的工具☆22May 17, 2023Updated 2 years ago
- 密探POC-漏洞验证工具0.2版☆28May 2, 2024Updated last year
- 炭火,渗透测试全流程工具☆24Sep 1, 2025Updated 6 months ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- Cobalt Strike 钉钉机器人上线提醒☆15Sep 8, 2024Updated last year
- 常见反沙箱反虚拟机总结☆20Nov 13, 2024Updated last year
- FindSomething本地移植版--HeartK☆93Jul 15, 2025Updated 8 months ago
- A comprehensive repository for malware analysis and threat intelligence, including Cobalt Strike Beacon configurations, YARA rules, IOCs,…☆16Mar 6, 2026Updated last week
- 蓝队笔记--------面向安全事件的实践指南,实战笔记。包含安全事件发现(威胁狩猎)、应急处置(应急响应)、安全数据挖掘、威胁情报等多个方面。☆14Jun 6, 2025Updated 9 months ago
- 互联网数字垃圾回收专用废纸篓☆62Jan 23, 2024Updated 2 years ago
- 将fofa quake zoomeye hunter等空间测绘聚合的小工具☆23Aug 13, 2023Updated 2 years ago
- 基于W01fh4cker大佬的LearnJavaMemshellFromZero从零掌握java内存马的复现重组版本。☆92Jul 7, 2025Updated 8 months ago
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆125Jan 14, 2025Updated last year
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- 一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得☆48Jan 23, 2025Updated last year
- go实现的shellcode免杀加载器,实测时可过火绒,360。当前效果请自行评判。☆47Sep 11, 2024Updated last year
- 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell co…☆11Oct 18, 2023Updated 2 years ago
- Let sliver use msf payload!☆25Mar 23, 2025Updated 11 months ago
- NOC is an Integration Bypasser, Change PoC Binary to quirks of working with the LLVM.☆11Jul 22, 2024Updated last year
- 瞎越是一款 Burp Suite 的安全插件,主要用于测试 Web 越权、未授权的网络安全漏洞。☆11Jun 13, 2024Updated last year
- 少而精的常用字典,积累各种场景实现字典进化,只追求更简单更有效,不建议star,但建议pr。☆142Jun 7, 2024Updated last year