brant-ruan / slides-and-papers
slides and papers from (or partly from) Bonan
☆22Updated 6 months ago
Related projects: ⓘ
- 一些Java RASP demo☆11Updated 4 years ago
- ☆15Updated 3 years ago
- ☆27Updated this week
- JVM runtime class loading protection agent.(JVM类加载保护agent)☆47Updated 3 years ago
- ☆58Updated 4 years ago
- springboot getRequestURI acl bypass☆37Updated 3 years ago
- 收集规则☆30Updated last year
- jre8u20 gadget☆31Updated 3 years ago
- ☆32Updated 4 years ago
- ☆12Updated this week
- Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…☆52Updated 3 years ago
- 宽字节安全团队的博客☆30Updated 3 years ago
- Easy burp sign extension!☆21Updated 10 months ago
- Writeup and environment for XCTF2021Final-Dubbo☆45Updated 3 years ago
- ☆27Updated 4 years ago
- ☆39Updated this week
- ☆41Updated 5 years ago
- Scripts that can generate gopher payload.☆11Updated 4 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆69Updated 3 years ago
- NST Vulnerability Scanner☆18Updated 5 years ago
- ☆10Updated this week
- Java After-Deserialization Attack☆77Updated 3 years ago
- fastjson-1.2.61-RCE☆33Updated 4 years ago
- ☆34Updated 2 years ago
- 记录调试分析ysoserial系列的学习过程,主要包含手动构造的一些poc,便于加深对漏洞和工具的理解☆29Updated 4 years ago
- ☆27Updated this week
- 《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.☆45Updated last year
- 阿里云先知社区xss挑战☆21Updated 7 years ago
- ☆74Updated this week
- 通过Web获取访客机器的hostname字段内容。☆62Updated 2 years ago