Pinned Repositories
0-sec
0sec-search
新版零组资料文库离线漏洞名搜索,功能:更新 、查询 (不包含漏洞详情)
1earn
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
360protect
adbwireless
ADB Wireless source has gone missing, cloning it if needed here.
frida-ipa-dump
marshalsec
一个Java编码、解码漏洞利用工具,加入了Dubbo-Hessian2和Apache Shiro PaddingOracle CBC的exploits,并修改了RMIRefServer,使用tomcat-el依赖,实现RMI攻击8u191以上版本jdk服务(TomcatELRMIRefServer)
movecert
movecert
network-security-config-frida
Analysis of different techniques to bypass Network Security Config with Frida
Spring4Shell-POC-1
Spring4Shell Proof Of Concept/Information CVE-2022-22965
fishso's Repositories
fishso/Spring4Shell-POC-1
Spring4Shell Proof Of Concept/Information CVE-2022-22965
fishso/1earn
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
fishso/Apt_t00ls
高危漏洞利用工具
fishso/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
fishso/BurpSuite
Burp Suite loader version --> ∞
fishso/Burpy
A plugin that allows you execute python and get return to BurpSuite.
fishso/BypassPathTraversal
fishso/cn.wankkoree.xposed.enablewebviewdebugging
启用 WebView 调试[旧](Enable WebView Debugging[old])
fishso/com.coderstory.toolkit
CorePatch / 核心破解
fishso/CustomContextMenu
自定义Windows系统右键菜单工具
fishso/CVE-2022-22965
Vulnerabilidad RCE en Spring Framework vía Data Binding on JDK 9+
fishso/EasyProtector
一行代码检测XP/调试/多开/模拟器/root
fishso/HaE
HaE - Highlighter and Extractor, 赋能白帽 高效作战
fishso/jade-db
"他山之石、可以攻玉":复旦白泽智能发布面向国内开源和国外商用大模型的Demo数据集JADE-DB
fishso/LeakValue
Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()
fishso/magisk_overlayfs
Make system partition become read-write (it is also possible without Magisk)
fishso/MyHooker
搜集平时学习工作中常用的frida脚本
fishso/MyTools
渗透测试脚本, by Tr0e.
fishso/pinduoduo_backdoor
拼多多apk内嵌提权代码,及动态下发dex分析
fishso/pinduoduo_backdoor_unpacker
Samples and Unpacker of malicious backdoors and exploits developed and used by Pinduoduo
fishso/QingScan
一个漏洞扫描器粘合剂,添加目标后30款工具自动调用;支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证,SSH批量测试、vulmap。
fishso/rag_for_beginners
fishso/secguide
面向开发人员梳理的代码安全指南
fishso/Spring-CVE
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
fishso/Spring4Shell-POC
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
fishso/SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965
fishso/strongR-frida
fishso/strongR-frida-android
An anti detection version frida-server for android.
fishso/Vulnerability-Wiki
一个基于 docsify 的综合漏洞知识库,目前漏洞数量 900+
fishso/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1