gaogaostone's repositories
alist
🗂️A file list/WebDAV program that supports multiple storages, powered by Gin and Solidjs. / 一个支持多存储的文件列表/WebDAV程序,使用 Gin 和 Solidjs。
ColdFusionPwn
Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
CVE-2021-4034
CVE-2021-4034 1day
CVE-2023-22527-Godzilla-MEMSHELL
CVE-2023-22527 内存马注入工具
Fastjson
Fastjson姿势技巧集合
FilelessAgentMemShell
无需文件落地Agent内存马生成器
flask-session-cookie-manager
:cookie: Flask Session Cookie Decoder/Encoder
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
java-memshell-generator
一款支持高度自定义的 Java 内存马生成工具|A highly customizable Java memory-shell generation tool.
java-object-searcher
java内存对象搜索辅助工具
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
KnowFramework
KnowFramework是滴滴基于开源技术组件构建Paas服务体系过程中,沉淀的业务无关的通用技术能力组件库
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
MemoryShellLearn
分享几个直接可用的内存马,记录一下学习过程中看过的文章
NacosCheck
Nacos默认密钥导致的身份认证绕过漏洞以及未授权漏洞检测
NacosRce
Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
pikachu
一个好玩的Web安全-漏洞测试平台
PuzzleSolver
一款针对CTF竞赛MISC的工具~
pyinstxtractor
PyInstaller Extractor
Python-random-module-cracker
Predict python's random module generated values.
RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
SBSCAN
SBSCAN是一款针对spring框架的渗透测试工具,可以对指定站点进行spring boot敏感信息扫描以及进行spring相关漏洞的扫描与验证。
Tai-e
An easy-to-learn/use static analysis framework for Java
vagent
多功能 java agent 内存马
White-Jotter
白卷是一款使用 Vue+Spring Boot 开发的前后端分离项目,附带全套开发教程。(A simple CMS developed by Spring Boot and Vue.js with development tutorials)
ysoserial-for-woodpecker
给woodpecker框架量身定制的ysoserial