A1kaid's starred repositories
deobfuscator
The real deal
PassDecode-jar
帆软/致远密码解密工具
GadgetInspector
forked from https://github.com/JackOfMostTrades/gadgetinspector
Deserial_Sink_With_JDBC
Some ReadObject Sink With JDBC
mysql-jdbc-tricks
JDBC Attack Tricks
corax-community
Corax for Java: A general static analysis framework for java code checking.
jar-analyzer-v1-cli
本项目可以把一个或多个Jar包构建成数据库,用户连接数据库后通过SQL语句任意搜索需要的内容,例如类和方法信息,方法调用关系等
Auto_proxy
利用IP地址池进行自动切换Http代理,防止IP封禁。
MULTIPLEXING_PORT
在极端限制出网情况下,可以使用端口复用的技术
multiplexing_port_socks5
一款golang写的支持http与socks5的端口复用小工具,并且可以开启socks5代理。
obfuscator
A java obfuscator (GUI)
jsql-injection
jSQL Injection is a Java application for automatic SQL database injection.
EDRSandblast-GodFault
EDRSandblast-GodFault
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
VcenterKit
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
Intranet-Movement-Kit
内网横向移动工具箱
StaticAnalysisQueries
A set of Code-ql/Joern queries to find vulnerabilities
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
Java-Js-Engine-Payloads
Java Js Engine Payloads All in one
evil-mysql-server
evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
Databasetools
一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
Conferences
Conference presentation slides