fnmsd's repositories
MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
awvs_script_decode
解密好的AWVS10.5 data/script/目录下的脚本
ChunkedHTTPAdapter
参考《利用分块传输吊打所有WAF》修改的requests的Adapter
zimbra_poc
Zimbra XXE+SSRF+UPLOAD Poc
sectoolset
The security tool(project) Set from github。github安全项目工具集合
SerializationDumper
A Modifed SerializationDumper for Dump bytecodes from TemplatesImpl Gadget
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bugcrowd_university
Open source education content for the researcher community
dirtycow.github.io
Dirty COW
fingerprint
各种工具指纹收集分享
geetest-crack
🔨 Geetest Crack | 从 JavaScript 层面一步步破解极验「鼠标点击+滑块滑动」各种加密参数
go-common
哔哩哔哩 bilibili 网站后台工程 源码
http-script-generator
ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
jQuery_QueryBuilder_field_input
令jQuery QueryBuilder支持任意字段名输入
phpext_phpjiami_decode
An ext for php to decode some phpjiami
sql-parser
SQL Parser for C++. Building C++ object structure from SQL statements.
UnicomTask
联通手机营业厅自动做任务、签到、领流量、领积分等。
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
weblogic_honeypot
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.