Y4tacker / Web-Security
A repository to record my usual studies
☆19Updated last year
Related projects: ⓘ
- javaDeserializeLabs☆62Updated last year
- 是一些比赛中的好题,加上自己出的一些。。。☆41Updated 2 years ago
- 一些常见字典☆151Updated 3 years ago
- 2023 各大 CTF 的比赛附件☆48Updated last year
- Some ReadObject Sink With JDBC☆177Updated 4 months ago
- ☆95Updated 10 months ago
- Java Js Engine Payloads All in one☆255Updated last year
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆269Updated last year
- SpringBootAdmin-thymeleaf-SSTI which can cause RCE☆76Updated last year
- ☆171Updated 2 weeks ago
- 冰蝎、哥斯拉 jsp webshell通信流量解密器☆139Updated last year
- java-web 自动化鉴权绕过☆203Updated last month
- A lab to help you learning SSTI☆89Updated last year
- ☆18Updated last year
- Java表达式语句生成器☆176Updated 11 months ago
- Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践☆216Updated last year
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆212Updated 3 months ago
- PHP-Code-Audit☆13Updated 3 years ago
- 通过jsp脚本扫描并查杀Tomcat内存马,当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。☆48Updated last year
- 内存马学 习☆168Updated 2 years ago
- ☆92Updated this week
- A collection of all the CTF challenges I have made.☆9Updated 2 years ago
- Spring Actuator端点的BurpSuite被动扫描插件。☆188Updated last year
- 禅道相关poc☆150Updated 3 months ago
- ☆208Updated 6 months ago
- ☆273Updated last month
- 【两万字原创】零基础学fastjson漏洞(基础篇),公众号:追梦信安☆138Updated 10 months ago
- 所有碰到过的默认口令☆103Updated 5 months ago
- fastjson不出网利用、c3p0☆245Updated 3 years ago
- dirsearch自用字典☆39Updated last year