Firebasky

GoRmi

该项目是通过go语言实现防止rmi利用被反置的问题。

LdapBypassJndi

The function of the tool is to inject JNDI through LDAP

ScanDF

The purpose of this script is to bypass disablefund, provide some useful information, and dig the hook function of PHP extension.

SessionUpload

This project is a plug-in of burpsuite, which aims to quickly generate POC in case of conditional competition for session upload.

CTF-wp

对于一些CTF比赛写的wp

PublicCVE

php_framing_bug

about php framing bug

BypassJep290

Rmi By pass jep 290

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

pwn

404StarLink2.0-Galaxy

404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目

Bypass

JNDIExploit-1

一款用于 JNDI注入 利用的工具，大量参考/引用了 Rogue JNDI 项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。（from https://github.com/feihong-cs/JNDIExploit）

JSP-Webshells

Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

phpggc

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

SchoolCode

学校作业代码

secbook

信息安全从业者书单推荐

Java-Rce-Echo

Java RCE 回显测试代码