qs-L's Stars
Xyntax/POC-T
渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Sh1Yo/x8
Hidden parameters discovery suite
Leezj9671/Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
euphrat1ca/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
we1h0/awesome-java-security-checklist
awesome-java-security-checklist(关于Java安全方面,Java基础/审计/修复/设计/规范)
GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
yaklang/yakit
Cyber Security ALL-IN-ONE Platform
c0ny1/vulstudy
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Cl0udG0d/SZhe_Scan
碎遮SZhe_Scan Web漏洞扫描器,基于python Flask框架,对输入的域名/IP进行全面的信息搜集,漏洞扫描,可自主添加POC
xfiftyone/STS2G
Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang
safe6Sec/GolangBypassAV
研究利用golang各种姿势bypassAV
Ne0nd0g/go-shellcode
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
labuladong/fucking-algorithm
刷算法全靠套路,认准 labuladong 就够了!English version supported! Crack LeetCode, not only how, but also why.
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
tennc/webshell
This is a webshell open source project
ydnzol/memshell
Tomcat 冰蝎内存马。
Rvn0xsy/BadCode
恶意代码逃逸源代码 http://payloads.online
0x727/ShuiZe_0x727
信息收集自动化工具
5wimming/gadgetinspector
利用链、漏洞检测工具
FunnyWolf/Viper
Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台
mbechler/marshalsec
jweny/shiro-cve-2020-17523
shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
jweny/MemShellDemo
内存马Demo合集 memshell demo for java / php / python
tporadowski/redis
Native port of Redis for Windows. Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs. This repository contains unofficial port of Redis to Windows.
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
HackJava/HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
knownsec/404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
jweny/pocassist
傻瓜式漏洞PoC测试框架