sinolantern's Stars
Elegycloud/clash-for-linux-backup
基于Clash Core 制作的Clash For Linux备份仓库 A Clash For Linux Backup Warehouse Based on Clash Core
CsEnox/SeManageVolumeExploit
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
fnmsd/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
threedr3am/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
lemono0/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
tadwhitaker/Security_Engineer_Interview_Questions
Every Security Engineer Interview Question From Glassdoor.com
h4m5t/Sec-Interview
Web安全工程师/信息安全工程师/渗透测试工程师 面试题库
W01fh4cker/LearnFastjsonVulnFromZero-Basic
【两万字原创】零基础学fastjson漏洞(基础篇),公众号:追梦信安
Aabyss-Team/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
wy876/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1100多个poc/exp,长期更新。
HyperSine/how-does-navicat-encrypt-password
Transferred from https://github.com/DoubleLabyrinth/how-does-navicat-encrypt-password
WeChatAPIs/WeChatMsgHistory_real
Real-time Chat-重现微信群组和个人聊天记录查询项目,本项目为开发者和研究者提供一种深入查看微信聊天内容的解决方案,允许用户在特定条件下获取特定群组或私聊的聊天记录,并通过我们提供的API进行控制
slowmist/Blockchain-dark-forest-selfguard-handbook
Blockchain dark forest selfguard handbook. Master these, master the security of your cryptocurrency.
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
ProbiusOfficial/TCL
TCL-TencentCloudListener 腾讯云抢占式实例监听器
AlbusSec/Penetration-List
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.
reversecore/book
리버싱 핵심원리 - 소스 코드 및 실습 예제
AabyssZG/AWD-Guide
从零学习AWD比赛指导手册以及AWD脚本整理
lerpo/class-dump
class-dump命令行工具,用于导出Mach-O头文件
f1tz/cnseay
Seay源代码审计系统
LoRexxar/Kunlun-M
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
teamssix/awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
BeichenDream/Godzilla
哥斯拉
AabyssZG/WebShell-Bypass-Guide
从零学习Webshell免杀手册
GerbenJavado/LinkFinder
A python script that finds endpoints in JavaScript files
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
ambionics/symfony-exploits
Exploits targeting Symfony
pcottle/learnGitBranching
An interactive git visualization and tutorial. Aspiring students of git can use this app to educate and challenge themselves towards mastery of git!