Giters
m01e (fa1c0n1)

fa1c0n1

Geek Repo

83

followers

134

following

799

stars

Twitter:@m01e_exp

Github PK Tool:Github PK Tool

m01e's repositories

cors-jsonp-pocs

用于利用不安全的CORS漏洞和JSONP漏洞Demo程序

Language:JavaScriptStargazers:2Issues:1Issues:1

jackson-poc-collections

收集jackson-databind的PoC,且包括用于复现的IDEA工程。

Language:JavaStargazers:2Issues:1Issues:0

fastjson-vulns

A personal project that used to recurrence and debug fastjson vulnerabilities.

Language:JavaStargazers:1Issues:1Issues:0

learnjavabug

Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Language:JavaLicense:MITStargazers:1Issues:0Issues:0

ARL_from_Aabyss-Team

ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。

License:MITStargazers:0Issues:0Issues:0

ClazzSearcher

一款使用Yaml定义搜索规则来搜索Class的工具

Stargazers:0Issues:0Issues:0

cors-jsonp-test

使用Node.js写的测试不安全的CORS和JSONP的示例程序

Language:JavaScriptStargazers:0Issues:0Issues:0

dsl

DSL engine

License:MITStargazers:0Issues:0Issues:0

fa1c0n-vim

There are my commonly used Vim plugins and .vimrc.

Language:Vim ScriptStargazers:0Issues:1Issues:0

FakeToa

Fake IP sources using Linux's BPF feature

Stargazers:0Issues:0Issues:0

find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

License:LGPL-3.0Stargazers:0Issues:0Issues:0

Java-Deserialization-Cheat-Sheet

The cheat sheet about Java Deserialization vulnerabilities

Stargazers:0Issues:0Issues:0

jdwp-codeifier-go

Language:GoStargazers:0Issues:0Issues:0

JNDIExploit

A malicious LDAP server for JNDI injection attacks

Stargazers:0Issues:0Issues:0

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Stargazers:0Issues:0Issues:0

misc-classes

Some evil classes used to penetration.

Language:JavaStargazers:0Issues:1Issues:0

NacosRce

Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用

Stargazers:0Issues:0Issues:0

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

License:MITStargazers:0Issues:0Issues:0

nuclei-burp-plugin

Nuclei plugin for BurpSuite

License:MITStargazers:0Issues:0Issues:0

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptLicense:MITStargazers:0Issues:0Issues:0

OddProxyDemo

Stargazers:0Issues:0Issues:0

personal-

Stargazers:0Issues:0Issues:0

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Language:PythonLicense:NOASSERTIONStargazers:0Issues:0Issues:0

poi-tl

Generate awesome word(docx) with template

License:Apache-2.0Stargazers:0Issues:0Issues:0

revsuit

RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

License:Apache-2.0Stargazers:0Issues:0Issues:0

springboot-memshell-test

A memshell injection testing project in Springboot environment.

Language:JavaStargazers:0Issues:0Issues:0

tabby

A CAT called tabby ( Code Analysis Tool )

Language:JavaLicense:Apache-2.0Stargazers:0Issues:0Issues:0

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

License:MITStargazers:0Issues:0Issues:0

ysomap

A helpful Java Deserialization exploit framework based on ysoserial

Language:JavaLicense:Apache-2.0Stargazers:0Issues:0Issues:0

ysuserial

ysoserial for su18

License:MITStargazers:0Issues:0Issues:0