高级PHP应用程序漏洞审核技术 by 80vul
☆182Mar 22, 2015Updated 10 years ago
Alternatives and similar repositories for pasc2at
Users that are interested in pasc2at are comparing it to the libraries listed below
Sorting:
- 记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获☆979Oct 8, 2018Updated 7 years ago
- PHP代码审计分段讲解☆1,721Aug 29, 2022Updated 3 years ago
- 就是一个练习RMI反序列化的最简单环境☆30Jan 8, 2022Updated 4 years ago
- 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)☆1,110Jul 26, 2016Updated 9 years ago
- Code-Audit-Challenges☆990Nov 17, 2018Updated 7 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- a project aim to collect CTF web practices .☆678Feb 15, 2023Updated 3 years ago
- python安全和代码审计相关资料收集 resource collection of python security and code review☆1,352Aug 6, 2020Updated 5 years ago
- 整理收集Struts2漏洞环境☆270Jan 9, 2018Updated 8 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- 记录各语言、框架中危险的sink,个人代码审计、漏洞研究使用。☆117Dec 30, 2021Updated 4 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)☆205Mar 19, 2022Updated 3 years ago
- 从零开始内网渗透学习☆3,010Apr 8, 2016Updated 9 years ago
- 总结了20+.Net反序列化文章,持续更新☆748Apr 3, 2024Updated last year
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,690Mar 14, 2024Updated last year
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆498Feb 13, 2020Updated 6 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,379Jan 16, 2026Updated last month
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- CMS漏洞测试用例集合☆1,764Dec 20, 2018Updated 7 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- 一个关于PHP的代��码审计项目☆1,913Sep 17, 2019Updated 6 years ago
- java代码审计学习笔记☆679Feb 24, 2020Updated 6 years ago
- K8S安全攻防思维导图 | Docker安全攻防思维导图☆417Jun 22, 2022Updated 3 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Dec 30, 2021Updated 4 years ago
- 渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework☆1,952Mar 28, 2022Updated 3 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆310Jun 17, 2022Updated 3 years ago
- dynamic crawler for web vulnerability scanner☆252Mar 4, 2020Updated 6 years ago
- Java web路由内存分析工具☆438May 22, 2025Updated 9 months ago
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- Burp suite 分块传输辅助插件☆2,023Feb 23, 2022Updated 4 years ago
- A Go library for generating Java deserialization payloads.☆155Sep 9, 2024Updated last year