bigBestWay's repositories
taycan-sdk
Uses ptrace to hook the HotSpot JavaVM and instrument Java bytecode
SilverPatcher
a CTF AWD x86/x86_64 ELF binary auto-patcher.
thinpatcher
a CTF AWD x86/x86_64 ELF patcher
dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
droid-scripts
Executable scripts for helping with Android related work
fastjsonDetect
Detects fastjson vulnerabilities using JVMTI
FlowDroid
FlowDroid Static Data Flow Tracker
FRIDA-DEXDump
Fast search and dump dex on memory.
fridaRegstNtv
Uses frida to obtain functions dynamically registered via JNI RegisterNatives
ghidra
Ghidra is a software reverse engineering (SRE) framework
JNDI-Exploit-Bypass-Demo
Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>
Mars
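Mars (战神, "God of War"): asset discovery, subdomain enumeration, C-segment scanning, asset change monitoring, port change monitoring, DNS resolution change monitoring, Awvs scanning, POC checks, web fingerprinting, port fingerprinting, CDN detection, operating system fingerprinting, wildcard DNS detection, WAF detection, sensitive information detection, and more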
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
static-binaries
Various *nix tools built as statically-linked binaries
Tigress_protection
Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
tiny-AES-c
Small portable AES128/192/256 in C
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.