Pinned Repositories
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
A-movie-of-flask
AngelSword
Python3编写的CMS漏洞检测框架
Apache_Shiro_1.2.4_RCE
Apache shiro <= 1.2.4 rememberMe 反序列化漏洞利用工具
CMS-Hunter
CMS漏洞测试用例集合
Poc_Study
Safety-papers
收集整理网上公布的安全论文和PPT。
sie504.github.io_old
My Blog
Struts-S2-xxx
整理收集Struts2漏洞环境
XSS-Game
sie504's Repositories
sie504/sie504.github.io_old
My Blog
sie504/Apache_Shiro_1.2.4_RCE
Apache shiro <= 1.2.4 rememberMe 反序列化漏洞利用工具
sie504/Awesome-WAF
🔥 A curated list of awesome web-app firewall (WAF) stuff.
sie504/Biu
网络资产发现、漏洞扫描
sie504/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
sie504/BuTian_Spider
2019 补天厂商爬虫与数据可视化文件打包
sie504/crawlergo_x_XRAY
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
sie504/CVE-2019-2725
CVE-2019-2725 命令回显
sie504/dirsearch
Web path scanner
sie504/Django_mooc
sie504/easyXssPayload
XssPayload List . Usage:
sie504/fastjson
:bullettrain_side: A fast JSON parser/generator for Java. (Aliyun Data Lake Analytics https://www.aliyun.com/product/datalakeanalytics powered by fastjson )
sie504/fastjson-remote-code-execute-poc
fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java
sie504/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
sie504/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
sie504/h1domains
HackerOne "in scope" domains
sie504/HtmlLearning
This is a repo for sharing My knowlage about html
sie504/java-sec-code
Java常见通用漏洞和修复的代码以及利用payload
sie504/Markdown-Resume-Template
BAT程序员自己的简历模板分享出来了 。技术简历追求简单明了,避免没有必要的花哨修饰,大家可以fork到自己仓库中,基于这个模板进行修改。
sie504/oFx
漏洞批量验证框架
sie504/Paper
security technology documents
sie504/parameth
This tool can be used to brute discover GET and POST parameters
sie504/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sie504/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
sie504/shanghai_house_knowledge
2020年11月在上海买房经历总结出来的买房购房做的一些功课分享给大家,技术人帮助技术人,希望对大家有所帮助。
sie504/sie504.github.io
sie504/VulBoxSpider
漏洞盒子入驻企业列表爬虫
sie504/webshell
This is a webshell open source project
sie504/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
sie504/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List