TomAPU / WAF-rules
☆22Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for WAF-rules
- Low-level RASP: Protecting Applications Implemented in High-level Programming Languages☆56Updated last year
- ☆28Updated 4 years ago
- ☆58Updated 4 years ago
- PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions☆104Updated 3 years ago
- 收集规则☆30Updated last year
- 《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.☆47Updated 2 years ago
- ☆32Updated 4 years ago
- struts2 漏洞环境源代码☆75Updated 2 years ago
- Knowledge Base 慢雾安全团队知识库☆29Updated 5 years ago
- 一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…☆122Updated 2 years ago
- slides and papers from (or partly from) Bonan☆22Updated 8 months ago
- ☆62Updated 4 years ago
- Java 反序列化学习的实验代码 Java_deserialize_vuln_lab☆87Updated 5 years ago
- JVM runtime class loading protection agent.(JVM类加载保护agent)☆47Updated 3 years ago
- 总结了免杀webshell的方法论☆48Updated 4 years ago
- 使用java agent反序列化注入内存shell☆67Updated 4 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆24Updated 5 years ago
- ☆131Updated 2 years ago
- ☆102Updated last year
- JNDI注入测试工具改版(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,et…☆47Updated 4 years ago
- Scripts that can generate gopher payload.☆11Updated 4 years ago
- bypass JEP290 RaspHook code☆62Updated 4 years ago
- ☆10Updated 4 years ago
- CVE exploits for Web, Windows, Linux and others are independently written by Zhuri Lab☆48Updated 3 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Updated 4 years ago
- ☆58Updated 4 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 4 years ago
- Writeup and environment for XCTF2021Final-Dubbo☆45Updated 3 years ago
- webshell-bypass☆73Updated 4 years ago