tcyba / this_is_my_study

Related projects ⓘ

Alternatives and complementary repositories for this_is_my_study

• HackJava / Spring
  《Spring漏洞研究》
  ☆44Updated 2 years ago
• SummerSec / LookupInterface
  CodeQL 寻找 JNDI利用 Lookup接口
  ☆162Updated 2 years ago
• xhycccc / Shiro-Vuln-Demo
  Shiro漏洞实例源码
  ☆25Updated 3 years ago
• wh1t3p1g / tabby-vul-finder
  A vul-finder for loading CPG and automated finding vul-call-chains
  ☆35Updated last month
• su18 / rasp-vuln
  当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
  ☆78Updated 2 years ago
• kyo-w / Spel-research
  Spel-research
  ☆24Updated 2 years ago
• hosch3n / FastjsonVulns
  [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
  ☆90Updated 2 years ago
• 0linlin0 / Java
  java
  ☆54Updated last year
• cokeBeer / go-cves
  收录go语言编写的项目、框架和组件出现的cve，或者一些相关的利用方式的文章
  ☆37Updated last year
• HackJava / JNDI
  《JNDI-深入理解Java万恶之源》
  ☆39Updated last year
• KpLi0rn / ysoserial
  在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆68Updated 3 years ago
• 0xrumble / BytecodeScreen
  ☆51Updated 2 years ago
• lcark / Tai-e-demo
  用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
  ☆33Updated 7 months ago
• wh1t3p1g / tabby-intellij-plugin
  A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
  ☆30Updated last week
• R17a-17 / JavaVulnSummary
  Java漏洞分析汇合
  ☆143Updated 2 years ago
• xiaopan233 / GenerateNoHard
  本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
  ☆90Updated 2 years ago
• woodpecker-appstore / java-memshell-generator
  Java 内存马生成插件
  ☆50Updated last year
• ttonys / CodeQLAnalyseJar
  CodeQL分析闭源Jar包脚本，基于Apache Ant构建CodeQL数据库
  ☆29Updated 2 years ago
• longofo / Apache-Dubbo-Hessian2-CVE-2021-43297
  Apache Dubbo Hessian2 CVE-2021-43297 demo
  ☆46Updated 2 years ago
• mark0smith / Kunlun-M-GUI
  Kunlun-M 的GUI程序
  ☆52Updated 2 years ago
• lz2y / DubboPOC
  Apache Dubbo漏洞测试Demo及其POC
  ☆61Updated last year
• rmb122 / easyrasp
  简单实现的 Java RASP
  ☆35Updated 4 years ago
• bitterzzZZ / CVE-2021-43297-POC
  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
  ☆38Updated 2 years ago
• Hackaspx / Hackaspx
  《ASPX安全-只有ASPX安全才能拯救.NET》Only ASPX Security Can Save The NET.
  ☆33Updated 2 years ago
• K1p2y3 / Tencent_Yun_tools
  ☁️Tencent Cloud AccessKey tools
  ☆16Updated 4 months ago
• turn1tup / JvmRaspBypass
  ☆4Updated 2 years ago
• welk1n / FastjsonPocs
  一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
  ☆56Updated 5 years ago
• Jewel591 / suidcheck
  Linux SUID 提权检测脚本，自动分析具有 s 权限的可执行文件并给出相应的提权利用方法
  ☆48Updated 4 years ago