chen1sheng's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
fastjson-autotype-bypass-demo
fastjson 1.2.68 版本 autotype bypass
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
java-object-searcher
java内存对象搜索辅助工具
BurpLogFilter
A python3 program to filter Burp Suite log file.
BloodHound
Six Degrees of Domain Admin
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
cve-2020-0688
cve-2020-0688
ATTCK-PenTester-Book
ATTCK-PenTester-Book
UAC_Bypass_In_The_Wild
Windows 10 UAC bypass for all executable files which are autoelevate true .
InjectProc
InjectProc - Process Injection Techniques [This project is not maintained anymore]
windows-privesc-check
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
SecurityTools
Tools
awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
Burpsuite-Plugins-Usage
Burpsuite-Plugins-Usage