jweny's repositories
MemShellDemo
内存马Demo合集 memshell demo for java / php / python
shiro-cve-2020-17523
shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
CVE-2022-23131
cve-2022-23131 exp
check_jsonp_based_on_ast
基于AST的JSONP劫持漏洞自动化挖掘
pocassistdb
database of pocassist(漏洞库)
pocassistweb
web ui of pocassist
Distributed_Docker_Openvas
基于Docker集群的分布式Openvas(GVM)。本项目包括:GVM-Docker镜像,Openvas-Scanner-Docker镜像,GVM远程调度(golang)。
Awesome-Security-Books
一个搬运工项目,分享一点点之前看过的文档/结构图/思维导图/ppt/电子书
HTTP-Request-Smuggling-Checker
A tool to quickly check HTTP-Request-Smuggling, written by python3
log4j-vul-env
log4j tomcat web漏洞环境
cve-2022-22980
CVE-2022-22980 exp && 靶场
DongTai-agent-java
“火线~洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具,可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。
jweny.github.io
一个小博客
PetitPotato
Local privilege escalation via PetitPotam
CobaltStrike
CobaltStrike's source code
goysoserial
go-ysoserial
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
screenshot-to-code
Drop in a screenshot and convert it to clean code (HTML/Tailwind/React/Vue)
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.