Wh0ale's repositories
SRC-experience
工欲善其事,必先利其器
SHIRO_Rememberme_decode
Apache Shiro payload AES解密
Nexus_Repository_Manager3_Vulnerabilities
Nexus Repository Manager3 - 远程执行代码漏洞回显payload
wh0ale.github.io
https://Wh0ale.github.io
CAS_Execution_decode
Apereo CAS payload AES解密
Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
woodpecker-framwork-release
高危漏洞精准检测与深度利用框架
AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
burp-log4shell
Log4Shell scanner for Burp Suite
fastjson_rce_tool
fastjson命令执行自动化利用工具, remote code execute,JNDI服务利用工具 RMI/LDAP
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
JNDIExploit
A malicious LDAP server for JNDI injection attacks
JNDIScan
无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
NotionNext
一个使用 NextJS + Notion API 实现的,部署在 Vercel 上的静态博客系统。为Notion和所有创作者设计。
purge
Public OSINT data
pxplan
CVE-2022-2022
Reverse-Engineering
A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
SecurityList
A list for Web Security and Code Audit
wiki
WgpSec 公开POC WIKI文库 @PeiQi0 师傅