Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
cheatsheets
random brain dumps
codeql.nvim
CodeQL plugin for Neovim
codeql_grehack_workshop
GreHack 2021 CodeQL for Java workshop
DupeKeyInjector
DupeKeyInjector
JRE8u20_RCE_Gadget
JRE8u20_RCE_Gadget
octo.nvim
Edit and review GitHub issues and pull requests from the comfort of your favorite editor
S2-046-PoC
S2-046-PoC
SerialKillerBypassGadgetCollection
Collection of bypass gadgets to extend and wrap ysoserial payloads
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
pwntester's Repositories
pwntester/BlockingServer
Web Server that serves a single file and keeps the connection open until user releases it.
pwntester/XMLDecoder
RCE Exploit PoC for XMLDecoder
pwntester/XStreamServer
RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
pwntester/XStreamPOC
POC for XStream RCE
pwntester/RSA_RESTing
Demos for RSA talk: RESTing on your laurels will get you owned
pwntester/OWASP-GoatDroid-Dolphis
OWASP GoatDroid Exploit Apps
pwntester/OGNLInjection
OGNL Expression Injection Tescase
pwntester/RestletXMLDecoder
Restlet API consuming XML serialized Java Objects. Vulnerable to XXE and RCE (if third party libraries like GroovyShell are found in the classpath)
pwntester/pwntools
pwntester/XQueryInjection
XQuery Injection Testcases
pwntester/evil_stuff
pwntester/json-io
Perfect Java serialization to and from JSON format
pwntester/MarkdownEditing
Powerful Markdown package for Sublime Text with better syntax understanding and good color schemes.
pwntester/Struts2_Dynamic_Method_Invocation
Test case from http://www.brucephillips.name/blog/index.cfm/2011/2/19/Struts-2-Security-Vulnerability--Dynamic-Method-Invocation
pwntester/sublime-text-3-octopress
Migrating to Sublime Text 3
pwntester/DefCon_RESTing
Private repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
pwntester/homebrew-python
Python formulae for Homebrew
pwntester/HopperScripts
Python Scripts for use with Hopper Disassembler
pwntester/metasploit-javapayload
Metasploit's Java payloads, including Java and Android Meterpreters
pwntester/pwncrypto
pwntester/SpringValidator
Spring MVC 2 & 3 Validators
pwntester/StayPuft
A fork of Casper, the default theme for Ghost
pwntester/SublimeLinter3
Interactive code linting framework for Sublime Text 3
pwntester/tapirus
jQuery plugin for Tapir static site search
pwntester/VimCobaltColourScheme
A Colbalt (from TextMate) inspired colour scheme for Vim
pwntester/Vintageous-Origami
Add Vim like pane management to Vintageous using SublimeText/Origami