YYHYlh

Apache-Dubbo-CVE-2023-23638-exp

Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践

Dubbo-Scan

一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。

pocCheck

用于第一时间获取X-ray扫描器的poc更新情况

YYHYlh.github.io

Blasting_dictionary

爆破字典

codeql-queries

My CodeQL queries collection

CVE-2020-2883

Weblogic coherence.jar RCE

gitblit

pure java git solution

Gitlab-CVE-2021-22205

GodzillaMemoryShellProject

hope-boot

🌱 Hope-Boot 一款现代化的脚手架项目

httplib2

Small, fast HTTP client library for Python. Features persistent connections, cache, and Google App Engine support. Originally written by Joe Gregorio, now supported by community.

go-common

哔哩哔哩 bilibili 网站后台工程 源码

jar-analyzer

Jar Analyzer Project

java-object-searcher

java内存对象搜索辅助工具

JYso

It can be either a JNDIExploit or a ysoserial.

Log4j2-RCE-Scanner

BurpSuite Extension: Log4j RCE Scanner

marshalsec

password_brute_dictionary

口令爆破字典，有键盘组合字典、拼音字典、字母与数字混合这三种类型

project-memoria-detector

RainDrops

润物细无声

Satellian-CVE-2020-7980

PoC script that shows RCE vulnerability over Intellian Satellite controller

SJ-Kit

Help security researchers to quickly research and deserialization vulnerability assisted research.

stopwords

中文常用停用词表（哈工大停用词表、百度停用词表等）

UPnP_Service

一个简单的基于Cling的UPnP协议的服务

vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

weblogic-framework

weblogic-framework

weblogicPoc

Weblogic Vuln POC EXP cve-2020-2551 cve-2020-2555 cve-2020-2883 ，。。。

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List