Gerald's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
version-manager
🔥 A general version manager for 80+ SDKs with TUI inspired by lazygit. No need to remember any commands. Less bugs.
-Baseline-check
windows和linux基线检查,配套自动化检查脚本。纯手打。
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
django-types
:doughnut: Type stubs for Django
php-exploit
some fun php exploits
Restful-Api-Tool
Restful Api Tool is a universal interface testing tool similar to Postman. It is very convenient to use it to test the Restful interface, as well as to quickly trigger a timer, reducing waiting time, and there are more functions waiting for you to explore.