Yiuwai Je's repositories
CVE-2023-22527_Confluence_RCE
CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC
MemShell4Spring
Memory Webshell for Spring Web - 适用于 Spring Web 的内存马
CVE-2023-0669
GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC(Proof of Concept)
CodeQLVuln
CodeQL 的 JAVA 漏洞挖掘学习
CVE-2023-32031
CVE-2023-32031 MS Exchange PowerShell backend RCE
Apache_Druid_JNDI_Vuln
Apache Druid JNDI Vulnerable
CVE-2019-3396-Memshell-for-Behinder
CVE-2019-3396 Memshell for Behinder
CVE-2023-21971_Analysis
CVE-2023-21971 Connector/J RCE Analysis分析
NC6.5_NCMessageServlet_RCE
NC6.5 NCMessageServlet 反序列化
ZDI-CAN-22101
(0Day) Microsoft Exchange CreateAttachmentFromUri Server-Side Request Forgery Information Disclosure Vulnerability
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
materials
Bonus materials, exercises, and example projects for our Python tutorials
seeyonAjaxGetshell
致远OA seeyon未授权漏洞批量getshell
cloudflare-docker-proxy
A docker registry proxy run on cloudflare worker.
CVE-2023-22515
CVE-2023-22515: Confluence Broken Access Control Exploit
hutool-codeql
🍬A set of tools that keep Java sweet.
JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
msrc-api
A collection of tools to interact with Microsoft Security Response Center API
notea
📒 Self hosted note taking app stored on S3
trackerslist
Updated list of public BitTorrent trackers
TrackersListCollection
🎈 Updated daily! A list of popular BitTorrent Trackers! / 每天更新!全网热门 BT Tracker 列表!⭐++
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.