Pinned Repositories
amazon-eks-ami
Packer configuration for building a custom EKS AMI
ant-application-security-testing-benchmark
classpy
GUI tool for investigating Java class files
dirtycow
django-cms
django-cms
dnsFookup
DNS rebinding toolkit
Excel-XLSX-Export
Excel 前端JavaScript导出,减轻后端服务器导出负担
GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
HackerOneReports
Here you can find mostly all disclosed h1 reports
hosts
镜像:https://coding.net/u/scaffrey/p/hosts/git
K0reyoshi's Repositories
K0reyoshi/amazon-eks-ami
Packer configuration for building a custom EKS AMI
K0reyoshi/ant-application-security-testing-benchmark
K0reyoshi/classpy
GUI tool for investigating Java class files
K0reyoshi/dnsFookup
DNS rebinding toolkit
K0reyoshi/Excel-XLSX-Export
Excel 前端JavaScript导出,减轻后端服务器导出负担
K0reyoshi/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
K0reyoshi/HackerOneReports
Here you can find mostly all disclosed h1 reports
K0reyoshi/hosts
镜像:https://coding.net/u/scaffrey/p/hosts/git
K0reyoshi/javaopenrasp
A Java Rasp Demo
K0reyoshi/jndi_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
K0reyoshi/JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
K0reyoshi/jxwaf
JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的下一代web应用防火墙
K0reyoshi/K0reyoshi
Config files for my GitHub profile.
K0reyoshi/K0scan
K0reyoshi/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
K0reyoshi/logs
split logs
K0reyoshi/metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
K0reyoshi/Mitigating-Web-Shells
Guidance for mitigation web shells. #nsacyber
K0reyoshi/neuvector
K0reyoshi/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
K0reyoshi/php-malware-finder
Detect potentially malicious PHP files
K0reyoshi/POC-T
渗透测试插件化并发框架
K0reyoshi/ScopeSentry
ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点
K0reyoshi/shellcheck
ShellCheck, a static analysis tool for shell scripts
K0reyoshi/snapshot
Application responsible for managing a snapshot of content originating from a DuraCloud space
K0reyoshi/sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
K0reyoshi/vue-element-admin
K0reyoshi/VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
K0reyoshi/webshell
This is a webshell open source project
K0reyoshi/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档