Pinned Repositories
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
advisories
BEAST-PoC
:muscle: Proof Of Concept of the BEAST attack against SSL/TLS CVE-2011-3389 :muscle:
BeRoot
Windows Privilege Escalation Tool
BlueLotus_XSSReceiver
XSS平台 CTF工具 Web安全工具
brackets-emmet
Emmet plugin for Brackets editor
buildVpn
图文教程搭建一个vpn翻墙
EasyReact
Are you confused by the functors, applicatives, and monads in RxSwift and ReactiveCocoa? It doesn't matter, the concepts are so complicated that not many developers actually use them in normal projects. Is there an easy-to-use way to use reactive programming? EasyReact is born for this reason.
jeecg-boot
基于代码生成器的低代码平台,超越传统商业平台!前后端分离架构SpringBoot 2.x,SpringCloud,Ant Design&Vue,Mybatis-plus,Shiro,JWT。强大的代码生成器让前后端代码一键生成,无需写任何代码! 引领新低代码开发模式OnlineCoding->代码生成->手工MERGE,帮助Java项目解决70%重复工作,让开发更关注业务,既能快速提高开发效率,帮助公司节省成本,同时又不失灵活性。
xiaoyanyuha's Repositories
xiaoyanyuha/1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
xiaoyanyuha/advisories
xiaoyanyuha/Callback_Shellcode_Injection
POCs for Shellcode Injection via Callbacks
xiaoyanyuha/crawler
K 哥爬虫代码分享,JS 逆向,爬虫进阶。
xiaoyanyuha/cve-2020-10977
GitLab 12.9.0 Arbitrary File Read
xiaoyanyuha/CVE-2021-22205
CVE-2021-22205& GitLab CE/EE RCE
xiaoyanyuha/dubbo
The java implementation of Apache Dubbo. An RPC and microservice framework.
xiaoyanyuha/exploits
Some of my exploits.
xiaoyanyuha/FastAdmin
🤪 FastAPI + Vue构建的Mall项目后台管理
xiaoyanyuha/Fastjson
Fastjson姿势技巧集合
xiaoyanyuha/github-cve-monitor
监控github上新增的cve编号项目漏洞,推送钉钉或者server酱
xiaoyanyuha/go-cqhttp
cqhttp的golang实现,轻量、原生跨平台.
xiaoyanyuha/GoScan
GoScan是采用Golang语言编写的一款分布式综合资产管理系统,适合红队、SRC等使用
xiaoyanyuha/Heroku-v2ray
dsd----v2ray
xiaoyanyuha/heroku-vlessdd
fdafd
xiaoyanyuha/hosts
镜像:https://scaffrey.coding.net/p/hosts/git / https://git.qvq.network/googlehosts/hosts
xiaoyanyuha/KrbRelays
Framework for Kerberos relaying
xiaoyanyuha/Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
xiaoyanyuha/lamp-cloud
lamp-cloud 基于Jdk11 + SpringCloud + SpringBoot的微服务快速开发平台,其中的可配置的SaaS功能尤其闪耀, 具备RBAC功能、网关统一鉴权、Xss防跨站攻击、自动代码生成、多种存储系统、分布式事务、分布式定时任务等多个模块,支持多业务系统并行开发, 支持多服务并行开发,可以作为后端服务的开发脚手架。代码简洁,注释齐全,架构清晰,非常适合学习和企业作为基础框架使用。
xiaoyanyuha/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
xiaoyanyuha/payload
常用的payload
xiaoyanyuha/php-webshells
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
xiaoyanyuha/POC
POC
xiaoyanyuha/RedTeamer
红方人员作战执行手册
xiaoyanyuha/ribsnetwork
xiaoyanyuha/shiro_attack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
xiaoyanyuha/SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965
xiaoyanyuha/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
xiaoyanyuha/xray-poc-generation
🧬 辅助生成 XRay YAML POC
xiaoyanyuha/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.