sinolantern

sinolantern's Stars

• Elegycloud/clash-for-linux-backup

  基于Clash Core 制作的Clash For Linux备份仓库 A Clash For Linux Backup Warehouse Based on Clash Core

  Language:Shell2.3k933

• CsEnox/SeManageVolumeExploit

  Language:C7616

• S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  5.5k1.2k

• zema1/watchvuln

  一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

  Language:Go1.4k151

• fnmsd/MySQL_Fake_Server

  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize

  Language:Python1.2k145

• threedr3am/learnjavabug

  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

  Language:Java2.6k495

• lemono0/FastJsonParty

  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

  Language:Python82193

• tadwhitaker/Security_Engineer_Interview_Questions

  Every Security Engineer Interview Question From Glassdoor.com

  1.2k216

• h4m5t/Sec-Interview

  Web安全工程师/信息安全工程师/渗透测试工程师 面试题库

  Language:HTML39632

• W01fh4cker/LearnFastjsonVulnFromZero-Basic

  【两万字原创】零基础学fastjson漏洞（基础篇），公众号：追梦信安

  14018

• Aabyss-Team/ARL

  ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

  Language:Python1k535

• wy876/POC

  收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1100多个poc/exp，长期更新。

  3.6k767

• HyperSine/how-does-navicat-encrypt-password

  Transferred from https://github.com/DoubleLabyrinth/how-does-navicat-encrypt-password

  Language:C586195

• WeChatAPIs/WeChatMsgHistory_real

  Real-time Chat-重现微信群组和个人聊天记录查询项目，本项目为开发者和研究者提供一种深入查看微信聊天内容的解决方案，允许用户在特定条件下获取特定群组或私聊的聊天记录，并通过我们提供的API进行控制

  Language:Python76158

• slowmist/Blockchain-dark-forest-selfguard-handbook

  Blockchain dark forest selfguard handbook. Master these, master the security of your cryptocurrency.

  5.4k646

• epinna/tplmap

  Server-Side Template Injection and Code Injection Detection and Exploitation Tool

  Language:Python3.8k670

• ProbiusOfficial/TCL

  TCL-TencentCloudListener 腾讯云抢占式实例监听器

  Language:Python28612

• AlbusSec/Penetration-List

  Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.

  Language:Python754185

• reversecore/book

  리버싱 핵심원리 - 소스 코드 및 실습 예제

  Language:C++14452

• AabyssZG/AWD-Guide

  从零学习AWD比赛指导手册以及AWD脚本整理

  Language:Python40230

• lerpo/class-dump

  class-dump命令行工具，用于导出Mach-O头文件

  203

• f1tz/cnseay

  Seay源代码审计系统

  662186

• LoRexxar/Kunlun-M

  KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

  Language:Python2.2k310

• teamssix/awesome-cloud-security

  awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

  1.8k217

• BeichenDream/Godzilla

  哥斯拉

  3.9k531

• AabyssZG/WebShell-Bypass-Guide

  从零学习Webshell免杀手册

  1.6k122

• GerbenJavado/LinkFinder

  A python script that finds endpoints in JavaScript files

  Language:Python3.7k590

• r0oth3x49/ghauri

  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

  Language:Python3k299

• ambionics/symfony-exploits

  Exploits targeting Symfony

  Language:Python19145

• pcottle/learnGitBranching

  An interactive git visualization and tutorial. Aspiring students of git can use this app to educate and challenge themselves towards mastery of git!

  Language:JavaScript30.5k5.7k