Pio's repositories
Active-Directory-Pentest-Notes
个人域渗透学习笔记
000
CSRF
Bypass CSRF-XMLRequestWith
Language:HTML000
FileMonitor
文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
Language:Python000
Fortify
源代码漏洞の审计
000
GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Language:Python000
javaweb-codereview
javaweb-codereview
Language:Java000
My-CTF-Web-Challenges
Collection of CTF Web challenges I made
Language:PHP000
MysqlT
伪造Myslq服务端,并利用Mysql逻辑漏洞来获取客户端的任意文件反击攻击者
Language:C#000
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Language:PythonMIT000
reverse-shell
Reverse Shell as a Service
MIT000
rules
通用的指纹识别规则
Language:PythonGPL-2.0000
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Language:PHPMIT000
tomcat-cluster-session-sync-exp
tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击
000