X1r0z's Stars
digitalocean/nginxconfig.io
⚙️ NGINX config generator on steroids 💉
fullstorydev/grpcurl
Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers
shockerli/go-awesome
Go 语言优秀资源整理,为项目落地加速🏃
ivanhao/pvetools
proxmox ve tools script(debian9+ can use it).Including email, samba, NFS set zfs max ram, nested virtualization ,docker , pci passthrough etc. for english user,please look the end of readme.
ExpLangcn/NucleiTP
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
cider-security-research/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
MrWQ/vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
FlyGoat/RyzenAdj
Adjust power management settings for Ryzen APUs
sleeyax/burp-awesome-tls
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
charonlight/NacosExploitGUI
Nacos漏洞综合利用GUI工具,集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用
m-sec-org/EZ
EZ是一款集信息收集、端口扫描、服务暴破、URL爬虫、指纹识别、被动扫描为一体的跨平台漏洞扫描器。
drak3hft7/Cheat-Sheet---Active-Directory
This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.
alibaba/bytekit
Java Bytecode Kit
sule01u/SBSCAN
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
Whoopsunix/JavaRce
Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
waderwu/extractor-java
CodeQL extractor for java, which don't need to compile java source
l4yn3/micro_service_seclab
Java漏洞靶场
jvm-rasp/jrasp-agent
专注于JVM的运行时防御系统RASP
laluka/jolokia-exploitation-toolkit
jolokia-exploitation-toolkit
l3yx/jdwp-codeifier
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)
whocansee/FilelessAgentMemShell
无需文件落地Agent内存马生成器
xcanwin/CVE-2023-4357-Chrome-XXE
[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.
CHYbeta/OddProxyDemo
ambionics/wrapwrap
Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
cdhe/JavaSecInterview
打造最强的Java安全研究与安全开发面试题库,帮助师傅们找到满意的工作
step-by-step-wiki/GoBook
为你自己学的Go
chaitin/xtools
JacyCui/static-analysis
静态分析基础教程
BeichenDream/JDR
wh0amitz/SharpRODC
To audit the security of read-only domain controllers