jweny

潜水安全研究员。非红蓝，勿溯源。

海底

Pinned Repositories

Awesome-Security-Books
一个搬运工项目，分享一点点之前看过的文档/结构图/思维导图/ppt/电子书
28 2 09
check_jsonp_based_on_ast
基于AST的JSONP劫持漏洞自动化挖掘
Language:Go94 2 07
CVE-2022-23131
cve-2022-23131 exp
Language:Go94 3 142
Distributed_Docker_Openvas
基于Docker集群的分布式Openvas(GVM)。本项目包括：GVM-Docker镜像，Openvas-Scanner-Docker镜像，GVM远程调度(golang)。
Language:XSLT28 2 26
MemShellDemo
内存马Demo合集 memshell demo for java / php / python
Language:Java396 8 074
pocassist
傻瓜式漏洞PoC测试框架
Language:Go1.4k 28 48245
pocassistdb
database of pocassist（漏洞库）
81 4 021
pocassistweb
web ui of pocassist
Language:TypeScript35 3 111
shiro-cve-2020-17523
shiro-cve-2020-17523 漏洞的两种绕过姿势分析以及配套的漏洞环境
Language:Java111 3 114
goblin
一款适用于红蓝对抗中的仿真钓鱼系统
Language:Go1.4k 17 14201

jweny's Repositories

jweny/pocassist
傻瓜式漏洞PoC测试框架
Language:Go1.4k 28 48245
jweny/MemShellDemo
内存马Demo合集 memshell demo for java / php / python
Language:Java396 8 074
jweny/shiro-cve-2020-17523
shiro-cve-2020-17523 漏洞的两种绕过姿势分析以及配套的漏洞环境
Language:Java111 3 114
jweny/check_jsonp_based_on_ast
基于AST的JSONP劫持漏洞自动化挖掘
Language:Go94 2 07
jweny/CVE-2022-23131
cve-2022-23131 exp
Language:Go94 3 142
jweny/pocassistdb
database of pocassist（漏洞库）
81 4 021
jweny/pocassistweb
web ui of pocassist
Language:TypeScript35 3 111
jweny/Awesome-Security-Books
一个搬运工项目，分享一点点之前看过的文档/结构图/思维导图/ppt/电子书
28 2 09
jweny/Distributed_Docker_Openvas
基于Docker集群的分布式Openvas(GVM)。本项目包括：GVM-Docker镜像，Openvas-Scanner-Docker镜像，GVM远程调度(golang)。
Language:XSLT28 2 26
jweny/gosqlmap
golang 实现 sqlmap
Language:Go26 5 07
jweny/HTTP-Request-Smuggling-Checker
A tool to quickly check HTTP-Request-Smuggling, written by python3
Language:Python12 1 05
jweny/log4j-vul-env
log4j tomcat web漏洞环境
Language:Java10 1 04
jweny/cve-2022-22980
CVE-2022-22980 exp && 靶场
Language:Java9 2 03
jweny/threat-intelligence
Language:Python2 0 02
jweny/capsule8
Capsule8: open-source cloud-native behavioral security monitoring
Language:Go1 0 01
jweny/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
Language:Go1 0 01
jweny/crawlergo
A powerful browser crawler for web vulnerability scanners
Language:Go1 0 02
jweny/DongTai-agent-java
“火线～洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具，可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。
Language:Java1 0 01
jweny/jweny
1 1 0
jweny/jweny.github.io
一个小博客
Language:HTML1 1 01
jweny/PetitPotato
Local privilege escalation via PetitPotam
Language:C1 0 0
jweny/xray
一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Language:Vue1 0 0
jweny/CobaltStrike
CobaltStrike's source code
jweny/goysoserial
go-ysoserial
Language:Go0 01
jweny/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
1
jweny/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
0 0
jweny/reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
Language:Python0 0
jweny/screenshot-to-code
Drop in a screenshot and convert it to clean code (HTML/Tailwind/React/Vue)
jweny/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Language:Dockerfile0 0
jweny/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Language:Java0 01