Pinned Repositories
aswan
陌陌风控系统静态规则引擎,零基础简易便捷的配置多种复杂规则,实时高效管控用户异常行为。
bfe
Blasting_dictionary
爆破字典
collection-document
Collection of quality safety articles
community-id-spec
An open standard for hashing network flows into identifiers, a.k.a "community IDs".
ja3
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
lua-resty-waf
High-performance WAF built on the OpenResty stack
openrasp-iast
IAST 灰盒扫描工具
redis-rce
Redis 4.x/5.x RCE
Redis-RCE-1
remote code execute for redis4 and redis5
l3ngd0n's Repositories
l3ngd0n/bfe
l3ngd0n/redis-rce
Redis 4.x/5.x RCE
l3ngd0n/SysmonHunter
An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
l3ngd0n/AgentSmith-HIDS
Low performance loss and by LKM technology HIDS tool, from E_Bwill.
l3ngd0n/APT_REPORT
Interesting apt report collection and some special ioc express
l3ngd0n/aquatone
A Tool for Domain Flyovers
l3ngd0n/awesome-go
A curated list of awesome Go frameworks, libraries and software
l3ngd0n/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
l3ngd0n/Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
l3ngd0n/aws-iam-authenticator
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
l3ngd0n/dataflowr
code for deep learning courses
l3ngd0n/EventGhost
EventGhost is an advanced, yet easy-to-use extensible automation tool for Windows.
l3ngd0n/fastjson-blacklist
l3ngd0n/fastjson-rce-exploit
exploit for fastjson remote code execution vulnerability
l3ngd0n/fastjson-remote-code-execute-poc
fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java
l3ngd0n/Go-SCP
Go programming language secure coding practices guide
l3ngd0n/gopher-redis-auth
This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。
l3ngd0n/insight
洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
l3ngd0n/internet-security
互联网资安风控实战
l3ngd0n/ioc-explorer
Explore Indicators of Compromise Automatically
l3ngd0n/jniwebshell
l3ngd0n/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
l3ngd0n/malware-ioc
Indicators of Compromises (IOC) of our various investigations
l3ngd0n/pytorch-tutorial
PyTorch Tutorial for Deep Learning Researchers
l3ngd0n/Sinkholes
:bug: Malware Sinkhole List in various formats
l3ngd0n/URL-Classification
Machine learning to classify Malicious (Spam)/Benign URL's
l3ngd0n/USB-Bootkit
l3ngd0n/Venom
Venom - A Multi-hop Proxy for Penetration Testers
l3ngd0n/vtest
用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
l3ngd0n/ysoserial.net
Deserialization payload generator for a variety of .NET formatters