ReAbout

web-sec

WEB安全手册(红队安全技能栈)，漏洞理解，漏洞利用，代码审计和渗透测试总结。【持续更新】

Datacon2019-WriteUp

datacon比赛方向三-攻击源与攻击者分析writeup

audit-java

Java代码审计手册，关注于漏洞挖掘而非利用【持续更新】

References-of-IoT-Security

智能家居安全相关参考。The related reference of smart home security including: paper, website, topic of Mi IoT.

pwn-exercise-iot

My PWN 练习题，异构PWN技能栈，适合IoT安全研究者。

ctf-writeup

My CTF Writeup

ShadowFuzzer

The fuzzing framework named SHADOWFUZZER to find clientside vulnerabilities when processing incoming MQTT messages.

IoT-Security-Notebook-in-Smart-Home

My notebook about the study of IoT Home Security.

6Gen

用python复现 《Target Generation for Internet-wide IPv6 Scanning 》的6Gen算法

Reference-of-Vehicle-Security

Reference of Vehicle Security。

Trampoline-Over-the-Air

Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers

red_team_tool_countermeasures

apache-log4j-poc

Apache Log4j 远程代码执行

CVE-2016-5195

CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

DataCenter

数据处理中心

ksubdomain

无状态子域名爆破工具

MagiskOnWSA

Integrate Magisk root and Google Apps (OpenGApps) into WSA (Windows Subsystem for Android)

Triclops

以人为本 桥接汽车企业