LFYSec / XCTF2021Final-DubboView external linksLinks
Writeup and environment for XCTF2021Final-Dubbo
☆44May 31, 2021Updated 4 years ago
Alternatives and similar repositories for XCTF2021Final-Dubbo
Users that are interested in XCTF2021Final-Dubbo are comparing it to the libraries listed below
Sorting:
- ☆78Jan 12, 2021Updated 5 years ago
- solution to buggyLoader of 0CTF/TCTF 2021 Finals☆20Sep 27, 2021Updated 4 years ago
- nativeRasp that can hook native methods☆24Apr 24, 2023Updated 2 years ago
- Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053☆37Dec 15, 2022Updated 3 years ago
- Collection of CTF Web challenges I made☆53Apr 25, 2023Updated 2 years ago
- ☆41Mar 10, 2021Updated 4 years ago
- 构造字节在ASCII范围内的jar☆139Feb 14, 2022Updated 4 years ago
- A c0 -> LLVM IR compiler, with some optimization.☆13Jul 13, 2020Updated 5 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- ☆146Jan 16, 2023Updated 3 years ago
- ☆17Sep 22, 2024Updated last year
- 好好打比赛、、、emmmm 投机取巧是不好的☆30Sep 30, 2018Updated 7 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.☆81Aug 14, 2022Updated 3 years ago
- 打CTF实在厌倦了找利用链,就知道一个fastjson的版本,一堆依赖找啊找,头都疼。为了解决这个烦恼,用了卓卓师傅的fastjson黑名单工具和库,自己改造了一下。☆32Jan 3, 2020Updated 6 years ago
- writeups for our challenges☆147Dec 11, 2022Updated 3 years ago
- 静态分析及代码审计自动化相关资料收集☆298Jul 29, 2022Updated 3 years ago
- SUCTF iCloudMusic 源码及writeup☆10Oct 12, 2022Updated 3 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- My CTF Challenges☆215Jan 4, 2026Updated last month
- To solve some readflag situation in ctfs☆33Jan 12, 2021Updated 5 years ago
- fastjson-1.2.61-RCE☆33Sep 26, 2019Updated 6 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- Weblogic环境搭建工具☆796Apr 23, 2020Updated 5 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆754Dec 2, 2022Updated 3 years ago
- PolicyKit CVE-2021-3560 Exploitation (Authentication Agent)☆24Mar 6, 2023Updated 2 years ago
- ☆26Mar 17, 2021Updated 4 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- JDBC Connection URL Attack☆438Sep 10, 2021Updated 4 years ago
- D3CTF-2021-Official-Writeup☆18Mar 12, 2021Updated 4 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- 一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…☆124Dec 11, 2021Updated 4 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆269Mar 4, 2022Updated 3 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- ☆349Jan 24, 2023Updated 3 years ago
- ☆294May 7, 2022Updated 3 years ago
- Stop Windows Defender programmatically☆15Jan 17, 2022Updated 4 years ago
- WALA 学习笔记☆14Aug 8, 2023Updated 2 years ago