k1n9

Java-Deserialization-Cheat-Sheet

The cheat sheet about Java Deserialization vulnerabilities

CVE-2018-2628

CVE-2018-2628

CVE-2019-3396_EXP

CVE-2019-3396 confluence SSTI RCE

exploit-database

The official Exploit Database repository

k1n9.github.io

blog

php

php 代码

python

python 代码

AwesomeEncoder

AntSword 自定义编(解)码器分享

CVE-2020-0688

Exploit and detect tools for CVE-2020-0688

Logos.Utility

C#/.NET Utility code created by Logos Bible Software

LuWu

红队基础设施自动化部署工具

Papers

Some papers about cyber security

RCEvil.NET

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

unserchain

WDScanner

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

weblogic_cmd

weblogic t3 deserialization rce