Pinned Repositories
argumentinjectionhammer
A Burp Extension designed to identify argument injection vulnerabilities.
awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
Awesome-web3-Security
A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
burpsuite-pro-installation
😁 BurpSuite Pro Auto Installation Script For Linux And Windows! 👍
Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
vanirxxx's Repositories
vanirxxx/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
vanirxxx/awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
vanirxxx/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
vanirxxx/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
vanirxxx/Awesome-web3-Security
A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
vanirxxx/burpsuite-pro-installation
😁 BurpSuite Pro Auto Installation Script For Linux And Windows! 👍
vanirxxx/Challenges_2022_Public
Files + Writeups for DownUnderCTF 2022 Challenges
vanirxxx/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
vanirxxx/exploits
Pwn stuff.
vanirxxx/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
vanirxxx/go
The Go programming language
vanirxxx/idol-ctf-challenges
a repository of all the CTF challenges I've made for public events
vanirxxx/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
vanirxxx/JavaSec
a rep for documenting my study, may be from 0 to 0.1
vanirxxx/MemoryShellLearn
分享几个直接可用的内存马,记录一下学习过程中看过的文章
vanirxxx/My-CTF-Challenges
vanirxxx/OSCE-Complete-Guide
OSWE, OSEP, OSED
vanirxxx/Pickora
A toy compiler that can convert Python scripts 🐍 to pickle bytecode 🥒
vanirxxx/pker
Automatically converts Python source code to Pickle opcode
vanirxxx/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
vanirxxx/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
vanirxxx/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
vanirxxx/unzipper
Small class to extract + compress .zip, .gz, .rar archives via browser.
vanirxxx/uri-schemes-wordlist
Wordlist used while bruteforcing/fuzzing schemes in XXE,SSRF, LFI, etc.
vanirxxx/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
vanirxxx/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
vanirxxx/webshell
This is a webshell open source project
vanirxxx/weevely3
Weaponized web shell
vanirxxx/ysomap
A helpful Java Deserialization exploit framework.
vanirxxx/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.