Pinned Repositories
CVE-2022-0540-RCE
Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)
CVE-2022-26133
Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.
gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
JNDIExploit
Optimization of feihong-cs/JNDIExploit project.
PearlyNautilus.github.io
Snowflake_Python
Optimize the problem of generating too many TCP connections using snowflake algorithm with Python.
Vuln-Env
Vuln-Environments.
Pear1y's Repositories
Pear1y/CVE-2022-26133
Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.
Pear1y/CVE-2022-0540-RCE
Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)
Pear1y/Vuln-Env
Vuln-Environments.
Pear1y/1earn
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Pear1y/All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
Pear1y/bypass-403
A simple script just made for self use for bypassing 403
Pear1y/chinese-programmer-wrong-pronunciation
**程序员容易发音错误的单词
Pear1y/coder-kung-fu
开发内功修炼
Pear1y/developer-roadmap
Interactive roadmaps, guides and other educational content to help developers grow in their careers.
Pear1y/DevSecOps
Ultimate DevSecOps library
Pear1y/extractor-java
CodeQL extractor for java, which don't need to compile java source
Pear1y/f403
40x bypass
Pear1y/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Pear1y/firmeye
IoT固件漏洞挖掘工具
Pear1y/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
Pear1y/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Pear1y/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
Pear1y/LearnGolang
《Golang学习资源大全-只有Go语言才能改变世界》Only Golang Can Change The World.
Pear1y/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Pear1y/linbing
本系统是对Web中间件和Web框架进行自动化渗透的一个系统,根据扫描选项去自动化收集资产,然后进行POC扫描,POC扫描时会根据指纹选择POC插件去扫描,POC插件扫描用异步方式扫描.前端采用vue技术,后端采用python fastapi.
Pear1y/opnsense-src
OPNsense operating system on top of FreeBSD
Pear1y/Pear1y
Pear1y/pedrib-PoCs
Advisories, proof of concept files and exploits that have been made public by @pedrib.
Pear1y/PentestTricks
每周分享一些关于渗透测试的知识点
Pear1y/perl_spreadsheet_excel_rce_poc
POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library
Pear1y/Pocsuite
This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
Pear1y/SplunkWhisperer2
Local privilege escalation, or remote code execution, through Splunk Universal Forwarder (UF) misconfigurations
Pear1y/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Pear1y/webshell
This is a webshell open source project
Pear1y/ysomap
A helpful Java Deserialization exploit framework.