Pinned Repositories
AirHooperAttack
AirHopper Attack Reproduce
definingClassLoaderPoc
Poc for java definingClassLoader
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本,均为亲测可用的脚本文件,优先更新高危且易利用的漏洞利用脚本,最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340
fastjson-vuln
Fastjson_Poc_1.2.36_bcel
Fastjson Poc for 1.2.33~1.2.36 with bcel
jd-cli
Command line Java Decompiler
rhinoPoc
Mozilla Rhino deserialization vulnerable POC
RmiServer
Rmi Server for jdbc Payload
sonicnet.js
Ultrasonic Networking with the Web Audio API
utf8_overlong
UTF8 Overlong Encoding Hacker for Ysoserial
yaojieno1's Repositories
yaojieno1/Fastjson_Poc_1.2.36_bcel
Fastjson Poc for 1.2.33~1.2.36 with bcel
yaojieno1/utf8_overlong
UTF8 Overlong Encoding Hacker for Ysoserial
yaojieno1/jd-cli
Command line Java Decompiler
yaojieno1/RmiServer
Rmi Server for jdbc Payload
yaojieno1/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本,均为亲测可用的脚本文件,优先更新高危且易利用的漏洞利用脚本,最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340
yaojieno1/fastjson-vuln
yaojieno1/fernflower2
Unofficial mirror of FernFlower Java decompiler (All pulls should be submitted upstream)
yaojieno1/gadget
Some collection of sundries
yaojieno1/Jackson-databind-RCE-PoC
yaojieno1/jd-core
JD-Core is a JAVA decompiler written in JAVA.
yaojieno1/yaojieno1.github.io
香依香偎, 闻道解惑
yaojieno1/ysoserial_with_SerialKillerKiller
Ysoserial with SerialKillerKiller
yaojieno1/CVE-2024-38063
poc for CVE-2024-38063 (RCE in tcpip.sys)
yaojieno1/cve-2024-6387-poc
a signal handler race condition in OpenSSH's server (sshd)
yaojieno1/CVE-Daily-Push-Detail
零成本实现CVE每日推送
yaojieno1/free-font
大概是2020年最全的免费可商用字体,这里收录的商免字体都能找到明确的授权出处,可以放心使用,持续更新中...
yaojieno1/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
yaojieno1/gost
GO Simple Tunnel - a simple tunnel written in golang
yaojieno1/learnjavabug
Java安全相关的漏洞和技术demo,其中包括原生Java、Fastjson、Jackson、Hessian2以及XML反序列化漏洞利用和Dubbo(Hessian2反序列化)、Shiro(PaddingOracleCBC)等框架的exploits,并且还有Java Security Manager绕过、Dubbo-Hessian2安全加固、RMI利用等等实践代码。
yaojieno1/leetcode
leetcode resolve history
yaojieno1/leetcode-master
《代码随想录》LeetCode 刷题攻略:200道经典题目刷题顺序,共60w字的详细图解,视频难点剖析,50余张思维导图,支持C++,Java,Python,Go,JavaScript等多语言版本,从此算法学习不再迷茫!🔥🔥 来看看,你会发现相见恨晚!🚀
yaojieno1/Luyten2
An Open Source Java Decompiler Gui for Procyon
yaojieno1/open-cvdb
An open project to list all publicly known cloud vulnerabilities and CSP security issues
yaojieno1/OSSTunnel
基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具
yaojieno1/pingtunnel
ICMP流量伪装转发工具 ping tunnel is a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
yaojieno1/prompt-engineering-for-developers
面向开发者的 LLM 入门教程,吴恩达大模型系列课程中文版
yaojieno1/SecConArchive
Security Conference Archive
yaojieno1/Security-PPT
Security-related Slide Presentation & Security Research Report(大安全各领域各公司各会议分享的PPT以及各类安全研究报告)
yaojieno1/securitylab
Resources related to GitHub Security Lab
yaojieno1/vscode-codeql-starter
Starter workspace to use with the CodeQL extension for Visual Studio Code.