me1ons's Stars
wupeixuan/JDKSourceCode1.8
Jdk1.8源码解析
knight0x07/ImpulsiveDLLHijack
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
xiecat/goblin
一款适用于红蓝对抗中的仿真钓鱼系统
boku7/azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
blackarrowsec/pivotnacci
A tool to make socks connections through HTTP agents
dromara/hutool
🍬A set of tools that keep Java sweet.
HackJava/Shiro
《Shiro漏洞研究》
Flangvik/SharpProxyLogon
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
qtc-de/remote-method-guesser
Java RMI Vulnerability Scanner
G-Security-Team/GSLibrary
轻量级知识库&POC管理平台
iceyhexman/onlinetools
在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
ice-doom/EyeJo
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。
0x727/ShuiYing_0x727
检测域环境内,域机器的本地管理组成员是否存在弱口令和通用口令,对域用户的权限分配以及域内委派查询
LS95/gopher-redis-auth
This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。
paradiseduo/ApplicationScanner
An open source application scanning tool
sting8k/BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
Y4er/dotnet-deserialization
dotnet 反序列化学习笔记
HackerDev-Felix/CVEAP
Send CVE information to the specified mailbox (from Github)
yocontra/JMD
Java bytecode analysis/deobfuscation tool
phith0n/xray-poc-generation
🧬 辅助生成 XRay YAML POC
su18/MemoryShell
JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
bytedance/Elkeid
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
zsdlove/Hades
Static code auditing system
zifeihan/friday
java runtime decompiler (java实时反编译工具)
huoji120/DuckMemoryScan
检测绝大部分所谓的内存免杀马
fynch3r/Gadgets
Java反序列化漏洞利用链补全计划,仅用于个人归纳总结。
feihong-cs/Java-Rce-Echo
Java RCE 回显测试代码
GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
Adrninistrator/java-all-call-graph
Generate all call graph for Java Code.
Yaxser/Backstab
A tool to kill antimalware protected processes