Pinned Repositories
BaRMIe
Java RMI enumeration and attack tool.
exploiting-groovy-in-Java
Some payloads of exploiting groovy in java.
FastjsonPocs
一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。
ipdb-java
IPIP.net officially supported IP database ipdb format parsing library
JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
jvm-sandbox
Real - time non-invasive AOP framework container based on JVM
ReverseShell-Java
Generating payloads to reverse shell in different contexts of java.
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
welk1n's Repositories
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
welk1n/JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
welk1n/FastjsonPocs
一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。
welk1n/ReverseShell-Java
Generating payloads to reverse shell in different contexts of java.
welk1n/exploiting-groovy-in-Java
Some payloads of exploiting groovy in java.
welk1n/BaRMIe
Java RMI enumeration and attack tool.
welk1n/jvm-sandbox
Real - time non-invasive AOP framework container based on JVM
welk1n/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
welk1n/CobaltStrike
CobaltStrike's source code
welk1n/ipdb-java
IPIP.net officially supported IP database ipdb format parsing library
welk1n/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
welk1n/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
welk1n/homebrew-core
🍻 Default formulae for the missing package manager for macOS
welk1n/jailbreak
Jailbreak
welk1n/marshalsec
welk1n/nps
一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发,支持内网http代理、内网socks5代理,同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理,集成多用户模式。
welk1n/OSfooler-ng
OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
welk1n/Potatso
Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork https://github.com/shadowcoel/shadowcoel instead.
welk1n/TheHunter
welk1n/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.