Beast code in Giters

chen1sheng's starred repositories

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT5832900

fastjson-autotype-bypass-demo

fastjson 1.2.68 版本 autotype bypass

Language:Java14000

opencti

Open Cyber Threat Intelligence Platform

Language:JavaScriptNOASSERTION517500

ossa

Open-Source Security Architecture | 开源安全架构

92800

learnjavabug

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Language:JavaMIT255500

BurpLogFilter

A python3 program to filter Burp Suite log file.

Language:Python7600

BloodHound

Six Degrees of Domain Admin

Language:PowerShellGPL-3.0957200

XSStrike

Most advanced XSS scanner.

Language:PythonGPL-3.01292200

attack-navigator

Web app that provides basic navigation and annotation of ATT&CK matrices

Language:TypeScriptApache-2.0192000

ysoserial.net

Deserialization payload generator for a variety of .NET formatters

Language:C#MIT309100

UAC_Bypass_In_The_Wild

Windows 10 UAC bypass for all executable files which are autoelevate true .

Language:C63400

InjectProc

InjectProc - Process Injection Techniques [This project is not maintained anymore]

Language:C++GPL-3.098900

windows-privesc-check

Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems

Language:Python147000

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Language:PowerShellMIT570600