0linlin0's Stars
excalidraw/excalidraw
Virtual whiteboard for sketching hand-drawn like diagrams
ventoy/Ventoy
A new bootable USB solution.
ivy-llc/ivy
Convert Machine Learning Code Between Frameworks
trickest/cve
Gather and update all available and newest CVEs with their PoC.
Bypass007/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
lvwzhen/law-cn-ai
⚖️ AI 法律助手
Threekiii/Awesome-POC
一个漏洞POC知识库 目前数量 1000+
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
teamssix/awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
pen4uin/java-memshell-generator
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
Threekiii/Vulnerability-Wiki
基于 docsify 快速部署 Awesome-POC 中的漏洞文档
onhexgroup/Conferences
Conference presentation slides
pascal-lab/Tai-e
An easy-to-learn/use static analysis framework for Java
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
woodpecker-framework/woodpecker-framework-release
高危漏洞精准检测与深度利用框架
youthlql/JavaYouth
主要是Java技术栈的文章
c0ny1/java-memshell-scanner
通过jsp脚本扫描java web Filter/Servlet型内存马
assetnote/surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
Soufaker/laoyue
自动化监控赏金项目-定期收集资产,漏洞进行推送(现在可以稳定收菜,有问题issues我)-关注-夜安团队SEC-加我微信进群可下载最新自动化版本,git目前不会更新了,群里目前版本1.3.1,项目优化了非常多,功能也加入了非常多,建议进群(没收费项目放心白嫖)
kyo-w/router-router
Java web路由内存分析工具
Kento-Sec/chatGPT-CodeReview
这是一个调用chatGPT进行代码审计的工具
BytecodeDL/ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
f0ng/JavaFileDict
Java应用的一些配置文件字典,来源于公开的字典与平时收集
dhmosfunk/CVE-2023-25690-POC
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
threedr3am/tomcat-cluster-session-sync-exp
tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!
4ra1n/java-gate
Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
BeichenDream/JDR
jar-analyzer/jar-analyzer-v1-cli
本项目可以把一个或多个Jar包构建成数据库,用户连接数据库后通过SQL语句任意搜索需要的内容,例如类和方法信息,方法调用关系等
vulhub/JNDIExploit
A malicious LDAP server for JNDI injection attacks