zhzhdoai

QAX SGLAB

where

Pinned Repositories

0day-security-software-vulnerability-analysis-technology
0day安全_软件漏洞分析技术
Language:C0 1 00
JAVA_Env-Poc
Language:Java6 2 00
JByteMod-Beta
Java bytecode editor
Language:Java1 1 00
Motan-rce
Language:Java5 2 00
RedTeamer
红方人员作战执行手册
1 1 01
redtool
日常积累的一些红队工具及自己写的脚本，更偏向于一些diy的好用的工具，并不是一些比较常用的msf/awvs/xray这种
Language:Shell1 1 00
rogue-jndi
A malicious LDAP server for JNDI injection attacks
Language:Java1 1 01
Struts2_Vuln
Struts2历史漏洞分析复现
Language:Java6 3 00
Weblogic_Vuln
CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC
Language:Java17 3 12
zhzhdoai.github.io
个人博客！！！
Language:HTML3 1 190

zhzhdoai's Repositories

zhzhdoai/Weblogic_Vuln
CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC
Language:Java17 3 12
zhzhdoai/JAVA_Env-Poc
Language:Java6 2 00
zhzhdoai/Motan-rce
Language:Java5 2 00
zhzhdoai/rogue-jndi
A malicious LDAP server for JNDI injection attacks
Language:Java1 1 01
zhzhdoai/ActiveMQ_putshell-CVE-2016-3088
ActiveMQ_putshell直接获取webshell
Language:Python1 0
zhzhdoai/AndroidSecurityStudy
安卓应用安全学习
zhzhdoai/batch-java-decompile
This is a small tool which can be used to decompile jars in bulk. Sometimes maybe helpful:-)
zhzhdoai/Behinder
Behinder source code
Language:Java1 0
zhzhdoai/cas4.x-execution-rce
exp for 4.1.x-4.1.6, 4.1.7-4.2.x, padding oracle attack
Language:Python1 011
zhzhdoai/classpy
GUI tool for investigating Java class files
Language:Java1 0
zhzhdoai/fafuscan
课程设计作业 Course design assignments
Language:Python2 0
zhzhdoai/fastjson-bypass-autotype-1.2.68
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
Language:Java1 0
zhzhdoai/FileMonitor
文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
Language:Python1 0
zhzhdoai/footprint
个人笔记
Language:Go1 0
zhzhdoai/frps-onekey
Frps 一键安装脚本&管理脚本 A tool to auto-compile & install frps on Linux
Language:Shell1 0
zhzhdoai/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
1 0
zhzhdoai/JavaDemo
专注于梳理Java知识点，解析开源项目！这里都是文章代码的项目示例，好好学哈！
Language:Java1 0
zhzhdoai/javaseccode
Language:Java1 0
zhzhdoai/log-agent
利用agent hock指定的class，在jar运行周期内，用于跟踪被执行的方法，辅助做一些事情，比如挖洞啊
zhzhdoai/OA-Seeyou
note
Language:Java1 0
zhzhdoai/RemoteObjectInvocationHandler
bypass JEP290 RaspHook code
Language:Java1 0
zhzhdoai/RMIDeserialize
RMI 反序列化环境一步步
Language:Java1 0
zhzhdoai/self_codeql_java
Language:CodeQL2 0
zhzhdoai/SerializationDumper
A tool to dump Java serialization streams in a more human readable form.
Language:Java1 0
zhzhdoai/SomePoc
Some 2020 poc
1 0
zhzhdoai/Team-Ares
Repository for all TeamARES POC code and tools.
Language:Python1 0
zhzhdoai/Tentacle
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
zhzhdoai/WeblogicEnvironment
Weblogic环境搭建工具
Language:Shell1 0
zhzhdoai/xray-crack
xray社区高级版证书生成，仅供学习研究，正常使用请支持正版
Language:Go1 0
zhzhdoai/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Language:Java1 0