w4nd3r-hya

Pinned Repositories

fastjson-local-echo
基于dbcp的fastjson rce 回显
Language:Java00
GKCTF2021
GKCTF2021 writeup & challenges
Language:PHP65
golang-sqli-challenge
A CTF-like challenge utilizing SQL injection for practicing
Language:Dockerfile00
imgs
00
learnjavabug
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Language:Java30
log4j_rce
log4j_rce
Language:Java20
redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
00
RedTeamTools
记录自己编写、修改的部分工具
Language:Python00
WeblogicEnvironment
Weblogic环境搭建工具
Language:Shell00
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Language:Java00

w4nd3r-hya's Repositories

w4nd3r-hya/GKCTF2021
GKCTF2021 writeup & challenges
Language:PHP65
w4nd3r-hya/learnjavabug
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Language:Java30
w4nd3r-hya/log4j_rce
log4j_rce
Language:Java20
w4nd3r-hya/fastjson-local-echo
基于dbcp的fastjson rce 回显
Language:Java00
w4nd3r-hya/golang-sqli-challenge
A CTF-like challenge utilizing SQL injection for practicing
Language:Dockerfile00
w4nd3r-hya/imgs
00
w4nd3r-hya/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
00
w4nd3r-hya/RedTeamTools
记录自己编写、修改的部分工具
Language:Python00
w4nd3r-hya/WeblogicEnvironment
Weblogic环境搭建工具
Language:Shell00
w4nd3r-hya/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Language:Java00