Y4tacker / Web-Security

Related projects: ⓘ

• waderwu / javaDeserializeLabs
  javaDeserializeLabs
  ☆62Updated last year
• Firebasky / ctf-Challenge
  是一些比赛中的好题，加上自己出的一些。。。
  ☆41Updated 2 years ago
• yuanhaiGreg / Fuzz-Dict
  一些常见字典
  ☆151Updated 3 years ago
• Drun1baby / CTF-Repo-2023
  2023 各大 CTF 的比赛附件
  ☆48Updated last year
• luelueking / Deserial_Sink_With_JDBC
  Some ReadObject Sink With JDBC
  ☆177Updated 4 months ago
• ccdr4gon / Dr4gonSword
  ☆95Updated 10 months ago
• yzddmr6 / Java-Js-Engine-Payloads
  Java Js Engine Payloads All in one
  ☆255Updated last year
• sv3nbeast / DnslogCmdEcho
  命令执行不回显但DNS协议出网的命令回显场景解决方案
  ☆269Updated last year
• p1n93r / SpringBootAdmin-thymeleaf-SSTI
  SpringBootAdmin-thymeleaf-SSTI which can cause RCE
  ☆76Updated last year
• kezibei / fastjson_payload
  ☆171Updated 2 weeks ago
• minhangxiaohui / DecodeSomeJSPWebshell
  冰蝎、哥斯拉 jsp webshell通信流量解密器
  ☆139Updated last year
• wa1ki0g / NoAuth
  java-web 自动化鉴权绕过
  ☆203Updated last month
• X3NNY / sstilabs
  A lab to help you learning SSTI
  ☆89Updated last year
• dadvlingd / CVE-2021-4034
  ☆18Updated last year
• woodpecker-appstore / jexpr-encoder-utils
  Java表达式语句生成器
  ☆176Updated 11 months ago
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆216Updated last year
• l3yx / jdwp-codeifier
  基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
  ☆212Updated 3 months ago
• kitezzzGrim / PHP-Audit-Learn
  PHP-Code-Audit
  ☆13Updated 3 years ago
• ruyueattention / java-memshell-scanner
  通过jsp脚本扫描并查杀Tomcat内存马，当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。
  ☆48Updated last year
• safe6Sec / MemoryShell
  内存马学习
  ☆168Updated 2 years ago
• vpxuser / Central-Management-System-Exploitation-Cheat-Sheet
  ☆92Updated this week
• AFKL-CUIT / CTF-Challenges
  A collection of all the CTF challenges I have made.
  ☆9Updated 2 years ago
• whwlsfb / SpringSpider
  Spring Actuator端点的BurpSuite被动扫描插件。
  ☆188Updated last year
• webraybtl / zentaopms_poc
  禅道相关poc
  ☆150Updated 3 months ago
• luelueking / RuoYi-v4.7.8-RCE-POC
  ☆208Updated 6 months ago
• kezibei / Urldns
  ☆273Updated last month
• W01fh4cker / LearnFastjsonVulnFromZero-Basic
  【两万字原创】零基础学fastjson漏洞（基础篇），公众号：追梦信安
  ☆138Updated 10 months ago
• Awrrays / Frame-DefaultPass
  所有碰到过的默认口令
  ☆103Updated 5 months ago
• depycode / fastjson-c3p0
  fastjson不出网利用、c3p0
  ☆245Updated 3 years ago
• M0ge / dirsearch_dicc
  dirsearch自用字典
  ☆39Updated last year