iiusky's repositories
java_iast_example
JAVA IAST Example
CodeqlLearn
记录学习codeql的过程
ACAF
Auto Code Audit Framework for Java
all-about-apikey
Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
blobloom
Extremely fast Bloom filters for Go
codeql-queries
My CodeQL queries collection
codeql_compile
自动反编译闭源应用,创建codeql数据库
CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
FireKylin
火麒麟-网络安全应急响应工具(系统痕迹采集)Cybersecurity emergency response tool.
interactsh
An OOB interaction gathering server and client library
JNDIExploit
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
kernel_new_features
一个深挖 Linux 内核的新功能特性,以 io_uring, cgroup, ebpf, llvm 为代表,包含开源项目,代码案例,文章,视频,架构脑图等
Log4j2-RCE-Scanner
BurpSuite Extension: Log4j RCE Scanner
natpass
新一代主机管理工具,支持web vnc和web shell
netspy
netspy是一款快速探测内网可达网段工具
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OsDetect
识别操作系统指纹
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
riskscanner
RiskScanner 是开源的多云安全合规扫描平台,基于 Cloud Custodian 和 Nuclei 引擎,实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。
sealos
一条命令离线安装高可用kubernetes,3min装完,700M,100年证书,版本不要太全,生产环境稳如老狗
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
wifi-framework
Wi-Fi Framework for creating proof-of-concepts, automated experiments, test suites, fuzzers, and more.
Yasso
强大的内网渗透辅助工具集-让Yasso像风一样
zkar
ZKar is a Java serialization protocol analysis tool implement in Go.