Pinned Repositories
Bookmarks
一些随手存的文章和pdf
CodeqlNote
Codeql学习笔记
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
JavaFileDict
Java应用的一些配置文件字典,来源于公开的字典与平时收集
JSpector
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
nbxiglk0
Note
笔记
Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
nbxiglk0's Repositories
nbxiglk0/Note
笔记
nbxiglk0/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
nbxiglk0/Bookmarks
一些随手存的文章和pdf
nbxiglk0/Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
nbxiglk0/CodeqlNote
Codeql学习笔记
nbxiglk0/JavaFileDict
Java应用的一些配置文件字典,来源于公开的字典与平时收集
nbxiglk0/JSpector
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
nbxiglk0/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
nbxiglk0/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
nbxiglk0/nbxiglk0
nbxiglk0/ParaForge
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
nbxiglk0/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
nbxiglk0/router-router
Java web路由内存分析工具
nbxiglk0/OFBiz-Docker
Deploy Apache OFBiz Using Docker
nbxiglk0/secguide
面向开发人员梳理的代码安全指南
nbxiglk0/vRealizeLogInsightRCE
POC for RCE using vulnerabilities described in VMSA-2023-0001
nbxiglk0/vueinfo
Extract website information from Vue
nbxiglk0/web-chains
Web 版 Java Payload 生成与漏洞利用工具,提供 Java 反序列化、Hessian 1/2 反序列化等 Payload 生成,以及 JNDI Exploit、Fake Mysql Exploit、JRMPListener 等相关利用
nbxiglk0/WeblogicEnvironment
Weblogic环境搭建工具
nbxiglk0/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.