martinzhou2015 / writeupsLinks
☆10Updated 5 years ago
Alternatives and similar repositories for writeups
Users that are interested in writeups are comparing it to the libraries listed below
Sorting:
- ☆101Updated 2 years ago
- ☆62Updated 5 years ago
- ☆57Updated 5 years ago
- ☆80Updated 5 years ago
- 总结了免杀webshell的方法论☆48Updated 5 years ago
- Java After-Deserialization Attack☆79Updated 4 years ago
- Java 反序列化学习的实验代码 Java_deserialize_vuln_lab☆87Updated 7 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Updated 6 years ago
- Java Security Documents☆81Updated 6 years ago
- ☆146Updated 7 years ago
- Local penetration test experimental environment☆33Updated 6 years ago
- 参考《利用分块传输吊打所有WAF》修改的requests的Adapter☆98Updated 7 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆24Updated 6 years ago
- ☆28Updated 6 years ago
- fastjson-1.2.58-rce with h2 database☆34Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆23Updated 6 years ago
- SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.☆104Updated 7 years ago
- ☆59Updated 5 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Updated 6 years ago
- 存放一些自己写过的漏洞利用脚本☆48Updated 6 years ago
- ☆32Updated 5 years ago
- Knowledge Base 慢雾安全团队知识库☆29Updated 6 years ago
- ☆73Updated 3 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆89Updated 6 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Updated 6 years ago
- fastjson-1.2.47☆67Updated 6 years ago
- Java version of Tomcat-AJP-EXP, for practice☆42Updated 5 years ago
- Papers☆34Updated 6 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Updated 5 years ago
- Some debug notes and exploit(not blind)☆39Updated 6 years ago