TEag1e's starred repositories
CVE-2024-21683-RCE
CVE-2024-21683 Confluence Post Auth RCE
OctoMation
OctoMation是一款免费的,具有可视化拖拽功能的编排与自动化产品。通过精心编排的Playbook,OctoMation能够联动数百款安全、网络、IT和SaaS等产品的基础能力。其主要特点包括低代码剧本编排、自动化事件响应、标准化流程操作以及可视化过程监控。 借助OctoMation,运营团队能够开展7x24小时自动化事件响应,不仅可以大幅减少对人员的过度依赖,还能确保团队工作质量始终维持在较高的水准上,最终实现“极速降本增效”。
security-paper
(与本人兴趣强相关的)各种安全or计算机资料收集
ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
drawio-desktop
Official electron build of draw.io
GDA-android-reversing-Tool
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
jar-analyzer
Jar Analyzer - 一个JAR包分析工具,批量分析JAR包搜索,方法调用关系搜索,字符串搜索,Spring组件分析,CFG分析,JVM Stack Frame分析,远程分析Tomcat,进阶表达式搜索,自定义SQL查询,字节码查看,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码
fernflower
Unofficial mirror of FernFlower Java decompiler (All pulls should be submitted upstream)
fastjson-bypass-autotype-1.2.68
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
JavaSecurityLearning
记录一下 Java 安全学习历程,也算是半条学习路线了
shiro_rce_tool
shiro 反序列 命令执行辅助检测工具
mybatis-plus_vul
SQL injection vulnerability exists in Mybatis-Plus
CVE-2022-42889-PoC
Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889.
EHole_magic
EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破