pmiaowu's Stars
hollischuang/toBeTopJavaer
To Be Top Javaer - Java工程师成神之路
apache/skywalking
APM, Application Performance Monitoring System
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
labring/sealos
Sealos is a production-ready Kubernetes distribution that provides a one-stop solution for both public and private cloud. You can run any Docker image on sealos, start high availability databases like mysql/pgsql/redis/mongo, develop backend applications using node.js serverless
github/codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Bypass007/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
xaoyaoo/PyWxDump
获取微信账号信息(昵称/账号/手机/邮箱/数据库密钥/wxid);PC微信数据库读取、解密脚本;聊天记录查看工具;聊天记录导出为html(包含语音图片)。支持多账户信息获取,支持所有微信版本。
cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
RipplePiam/MobaXterm-Chinese-Simplified
MobaXterm 简体中文汉化版🌏🖥🖥🖥 【💌慢工精心制作,"提示"也汉化💻】 【😍控件布局精细调整】
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
polarismesh/polaris
Service Discovery and Governance Platform for Microservice and Distributed Architecture
aress31/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
wyzxxz/jndi_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
summitt/Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
jweny/pocassist
傻瓜式漏洞PoC测试框架
wh1t3p1g/tabby
A CAT called tabby ( Code Analysis Tool )
fnmsd/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
tide-emergency/yingji
应急相关内容积累
chriskaliX/AD-Pentest-Notes
用于记录内网渗透(域渗透)学习 :-)
4ra1n/jar-analyzer-gui
建议使用新版:https://github.com/jar-analyzer/jar-analyzer
webraybtl/CodeQLpy
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
rmb122/rogue_mysql_server
A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.
Y4er/ysoserial
ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。
woodpecker-framework/ysoserial-for-woodpecker
给woodpecker框架量身定制的ysoserial
Bl0omZ/JNDIEXP
JNDI在java高版本的利用工具,FUZZ利用链
yaklang/yaklang
A programming language exclusively designed for cybersecurity
Firebasky/CodeqlLearn
记录学习codeql的过程
jjf012/gopoc
用cel-go重现了长亭xray的poc检测功能的轮子
Esonhugh/Docker-Release-Agent-Escape
Docker 逃逸 Release Agent 利用始末