cokeBeer / go-cvesView external linksLinks
收录go语言编写的项目、框架和组件出现的cve,或者一些相关的利用方式的文章
☆47Nov 23, 2022Updated 3 years ago
Alternatives and similar repositories for go-cves
Users that are interested in go-cves are comparing it to the libraries listed below
Sorting:
- Go安全的学习中ing☆17Jan 9, 2023Updated 3 years ago
- a dataflow analysis framework implemented in Go, like soot☆39Sep 22, 2022Updated 3 years ago
- Go-sec-code is a project for learning Go vulnerability code.☆50Mar 11, 2023Updated 2 years ago
- 改造一个基于jrmp的AMF反序列化利用工具☆16Jul 7, 2022Updated 3 years ago
- Spring-Kafka-Deserialization-Remote-Code-Execution☆32Oct 8, 2023Updated 2 years ago
- Automatic credential collection☆21Aug 17, 2022Updated 3 years ago
- Go相关的安全研究☆234Nov 6, 2023Updated 2 years ago
- 一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。☆56Oct 29, 2019Updated 6 years ago
- 导出coremail联系人☆18Apr 19, 2023Updated 2 years ago
- Microsoft Office Word Rce 复现(CVE-2022-30190)☆60May 31, 2022Updated 3 years ago
- 简单的用python写的远控demo 执行命令 只一个心跳完成所有操作☆36Oct 7, 2022Updated 3 years ago
- Fastjson + MySQL 条件下不出网利用测试环境☆49Dec 6, 2025Updated 2 months ago
- 一个基于JSRPC实现的自动解密代理框架☆13Sep 28, 2023Updated 2 years ago
- 魔改shadowsocks,实现socks5内网穿透。☆63Nov 28, 2025Updated 2 months ago
- Bypass Windows Defender☆62Jun 16, 2022Updated 3 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)☆64Feb 14, 2022Updated 4 years ago
- An HTTP request smuggling scanner designed to work at scale☆24Oct 2, 2022Updated 3 years ago
- ☆21Jun 13, 2022Updated 3 years ago
- springboot跨线程注入内存马☆123Apr 10, 2022Updated 3 years ago
- Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587☆42Mar 14, 2022Updated 3 years ago
- fastjson不出网利用、c3p0☆255Jul 30, 2021Updated 4 years ago
- burp插件开发笔记☆11Dec 26, 2021Updated 4 years ago
- CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server☆10Jul 6, 2024Updated last year
- Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.☆11Jul 21, 2022Updated 3 years ago
- CVE-2021-4034 for single commcand☆10May 31, 2022Updated 3 years ago
- YangMiee攻击面梳理平台☆20Apr 25, 2025Updated 9 months ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- 域信息收集工具☆11Jun 5, 2023Updated 2 years ago
- Conference Papers and Appendicies (USENIX Security, BlackHat, HITBSecConf, and BeVX)☆27Aug 6, 2023Updated 2 years ago
- ☆50Nov 4, 2022Updated 3 years ago
- linux ebpf backdoor demo☆12Nov 20, 2024Updated last year
- 小蓝本(https://www.xiaolanben.com/) 爬虫的 h_sign 签名JSRPC实现。nodejs 补环境也实现了☆13Apr 30, 2024Updated last year
- OpenAI ChatGPT, GPT-3, ChatGPT-API for go,ChatGPT in bash shell command line☆10Jan 1, 2023Updated 3 years ago
- Exfiltrate blind remote code execution output over DNS via Burp Collaborator.☆12Apr 26, 2020Updated 5 years ago
- PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.☆81Aug 14, 2022Updated 3 years ago
- Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit☆112Jun 1, 2023Updated 2 years ago
- DeJITLeak: Eliminating JIT-Induced Timing Side-Channel Leaks☆15Sep 15, 2022Updated 3 years ago
- WEB 跨域postMessage() 漏洞挖掘工具,基本原理:使用AJAX 获取页面代码,结合iframe 和data 协议构造测试环境,然后在iframe 下的window.onmessage 中插入hook 监控onmessage 的参数,最后通过能否被原来的onme…☆11Sep 13, 2016Updated 9 years ago
- 使用JS监听获取dz密码☆12Sep 5, 2017Updated 8 years ago