Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
Above
Invisible network protocol sniffer
akamai-security-research
This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
Android-Vulnerability-Mining
Android APP漏洞之战系列,主要讲述如何快速挖掘APP漏洞
hackingtool
ALL IN ONE Hacking Tool For Hackers
ituring_books
图灵程序设计丛书分享
Tbed
Hellohao图床、图像托管/分享/水印、存储源分发、图像管理、前后端分离。https://tbed.wwery.com
Vuln-POC
一个各类漏洞POC知识库
only-sunny's Repositories
only-sunny/Awesome-Redteam
一个攻防知识仓库
only-sunny/camille
基于Frida的Android App隐私合规检测辅助工具
only-sunny/Challenges_2024_Public
Files + Solutions for DownUnderCTF 2024 Challenges
only-sunny/CTF1
关于我在CTF中的所有东西
only-sunny/CVE-2024-38077-POC
原文已被作者删除,备份用,非原创,EXP & POC
only-sunny/DecryptTools
DecryptTools-综合解密
only-sunny/docker_practice
Learn and understand Docker&Container technologies, with real DevOps practice!
only-sunny/EHole_magic
EHole(棱洞)魔改。可对识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破
only-sunny/ElectricRat
电气鼠靶场系统是一种带有漏洞的Web应用程序,旨在为Web安全渗透测试学习者提供学习和实践的机会。The Electrical Mouse Target Range System is a web application with vulnerabilities designed to provide learning and practice opportunities for web security penetration testing learners.
only-sunny/enhanced-FaaS-in-China
提升部署在cloudflare、vercel或netlify的网页在**的访问速度和稳定性 Improve the access speed and stability in China of web pages hosted on cloudflare, vercel or netlify by merely changing your CNAME record
only-sunny/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
only-sunny/HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
only-sunny/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
only-sunny/Helios
Helios: Automated XSS Testing
only-sunny/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
only-sunny/MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
only-sunny/OpenArk
The Next Generation of Anti-Rookit(ARK) tool for Windows.
only-sunny/OSCP
OSCP Cheat Sheet
only-sunny/Pearcleaner
A free, source-available and fair-code licensed mac app cleaner
only-sunny/PhishingBook
钓鱼攻击资源汇总&备忘录
only-sunny/Proxyman
Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️
only-sunny/RedTeamNotes
红队笔记
only-sunny/SafeLine
serve as a reverse proxy to protect your web services from attacks and exploits.
only-sunny/sparkzxl-framework
sparkzxl 基于spring boot的组件库
only-sunny/toolkit
The essential toolkit for reversing, malware analysis, and cracking
only-sunny/Translate_video_slides
自动提取的翻译视频中未提供的PPT部分
only-sunny/Vulhub-Reproduce
一个Vulhub漏洞复现知识库
only-sunny/vulnerability-paper
收集的文章 https://mrwq.github.io/vulnerability-paper/
only-sunny/YRX-Web-Reverse-OJ
猿人学第一届web逆向攻防大赛题目算法还原
only-sunny/ysogate
Java反序列化/JNDI注入利用工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。