stsxing

stsxing's Stars

• PacktPublishing/CISSP-Certification-Domain-4-Communication-and-Network-Security-Video-Boot-Camp-2022

  Code Repository for CISSP®️ Certification Domain 4: Communication and Network Security Video Boot Camp 2019, published by Packt

  910

• HackJava/HackJava

  《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.

  2.6k484

• pmiaowu/BurpReflectiveXssMiao

  一款基于burp的反射xss检测插件

  Language:Python15116

• f0ng/log4j2burpscanner

  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

  Language:Java807111

• lunasec-io/spring-rce-vulnerable-app

  Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.

  Language:Java3419

• tweedge/springcore-0day-en

  Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

  Language:Python10736

• TarlogicSecurity/sepriv

  Tool to manage user privileges

  Language:C2811

• Al1ex/LinuxEelvation

  Linux Eelvation(持续更新)

  Language:C39393

• Arinerron/CVE-2022-0847-DirtyPipe-Exploit

  A root exploit for CVE-2022-0847 (Dirty Pipe)

  Language:C1.1k219

• fa1c0n1/MyJSPWebshell

  My collection of various of JSP Webshell.

  Language:Java356

• reprise99/Sentinel-Queries

  Collection of KQL queries

  1.4k345

• bitsadmin/wesng

  Windows Exploit Suggester - Next Generation

  Language:Python4.3k571

• chroblert/WindowsVulnScan

  Language:Python39982

• 0vercl0k/zenith

  Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.

  Language:Python12324

• MythicAgents/Athena

  Language:C18238

• its-a-feature/Mythic

  A collaborative, multi-platform, red teaming framework

  Language:JavaScript3.3k434

• crazy0x70/dingtalk-RCE

  Language:HTML311165

• Metnew/uxss-db

  🔪Browser logic vulnerabilities :skull_and_crossbones:

  Language:HTML68889

• wgpsec/ENScan_GO

  一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

  Language:Go3.2k307

• FunnyWolf/TFirewall

  防火墙出网探测工具,内网穿透型socks5代理

  Language:Go26651

• PyCQA/bandit

  Bandit is a tool designed to find common security issues in Python code.

  Language:Python6.6k616

• xiecat/fofax

  FOFAX是一个基于fofa.info的API命令行查询工具

  Language:Go75276

• ly4k/PwnKit

  Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

  Language:C1.1k191

• aahmad097/BadOutlook

  (kinda) Malicious Outlook Reader

  Language:C#13338

• salesforce/ja3

  JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

  Language:Python2.8k293

• nu11secur1ty/Windows10Exploits

  Microsoft » Windows 10 : Security Vulnerabilities

  Language:HTML898211

• threedr3am/learnjavabug

  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

  Language:Java2.6k496

• longofo/Apache-Dubbo-Hessian2-CVE-2021-43297

  Apache Dubbo Hessian2 CVE-2021-43297 demo

  Language:Java469

• bitterzzZZ/CVE-2021-43297-POC

  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE

  Language:Java389

• smicallef/spiderfoot

  SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

  Language:Python13.4k2.3k