imxh2's repositories
docker-django-celery
Django, celery and more, all dockerized
imxh2.github.io
imxh2.github.io
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
vue-element-admin
:tada: A magical vue admin https://panjiachen.github.io/vue-element-admin
awesome-malware-analysis
Defund the Police.
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
chunked-coding-converter
Burp suite 分块传输辅助插件
client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
design-patterns-for-humans-cn
设计模式超简单的解释。
Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
DNSlog-GO
DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具,自带WEB界面
examples
chromedp code examples.
Finger
A tool for recognizing function symbol
Java-Rce-Echo
Java RCE 回显测试代码
JavaSecInterview
打造最强的Java安全研究与安全开发面试题库,包含问题和详细的答案,帮助师傅们找到满意的工作
javassist
Java bytecode engineering toolkit
Learn-Binary-Hacking
Binary Hacking Study Notes
Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
PentestDB
各种数据库的利用姿势
ppmap
A scanner/exploitation tool written in GO, which leverages Prototype Pollution to XSS by exploiting known gadgets.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
veinmind-tools
veinmind-tools 是由长亭科技自研,基于veinmind-sdk打造的容器安全工具集
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.