Pinned Repositories
AxinSAST
BugBountyNotes
简单记录下自己在挖掘SRC
CVE-2020-15148-bypasses
几条关于CVE-2020-15148(yii2反序列化)的绕过
cve-2020-2555
CVE-2020-2555
FastjsonScan
一个简单的Fastjson反序列化检测burp插件
genealogy
利用二叉树实现一个简单的家谱管理系统
javasec
自己学习java安全的一些总结,主要是安全审计相关
vuls
收集整理一些漏洞,利用方法,poc等等,方便快速查阅
webshell_bypass_research
自己零零散散研究以及收集的一些免杀技巧,以便为后续查阅,拓宽思路
xssprobe
xss探针
Maskhe's Repositories
Maskhe/javasec
自己学习java安全的一些总结,主要是安全审计相关
Maskhe/FastjsonScan
一个简单的Fastjson反序列化检测burp插件
Maskhe/CVE-2020-15148-bypasses
几条关于CVE-2020-15148(yii2反序列化)的绕过
Maskhe/vuls
收集整理一些漏洞,利用方法,poc等等,方便快速查阅
Maskhe/BugBountyNotes
简单记录下自己在挖掘SRC
Maskhe/cve-2020-2555
CVE-2020-2555
Maskhe/AxinSAST
Maskhe/evil_ftp
Maskhe/vulcheck-java-agent
Maskhe/xxeDemo
Maskhe/BugNotes
Bypasses and check for vulns
Maskhe/codespace_demo
Maskhe/composer-demo
Maskhe/CVE-2021-21300
Maskhe/django-filter-tables2-admin
A demo of customized admin developed with django-filter and django-tables2
Maskhe/docker-tutorial
🐳Docker入门学习笔记
Maskhe/DongTai
DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.
Maskhe/DongTai-agent-java
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Maskhe/dongtai-core
Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.
Maskhe/DongTai-engine
DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.
Maskhe/Maskhe
test
Maskhe/mosec-composer-plugin
用于检测composer项目的第三方依赖组件是否存在安全漏洞。
Maskhe/mosec-maven-plugin
用于检测maven项目的第三方依赖组件是否存在安全漏洞。
Maskhe/mosec-node-plugin
用于检测 node 项目的第三方依赖组件是否存在安全漏洞。
Maskhe/obsidian-plugin-demo
obsidian plugin learning demo
Maskhe/rmi_codebase_poc
Maskhe/rmi_cve20173241
Maskhe/test
Maskhe/Y4er
README
Maskhe/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。