Trần Nguyễn Bảo Khanh's starred repositories
PHPSerialize-labs
【Hello CTF】PHPSerialize-labs是一个使用php语言编写的,用于学习CTF中PHP反序列化的入门靶场。旨在帮助大家对PHP的序列化和反序列化有一个全面的了解。
awesome-nodejs-security
Awesome Node.js Security resources
web-fuzz-wordlists
Common Web Managers Fuzz Wordlists
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
JS2PDFInjector
Inject a JS file into a PDF file.
ctf-archives
CTF Archives: Collection of CTF Challenges.
CVE-2020-28032_PoC
PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)
CVE-2024-34102
POC for CVE-2024-34102 : Unauthenticated Magento XXE and bypassing WAF , You will get http connection on ur webhook
PayloadsAllThePDFs
PDF Files for Pentesting
yaml-payload
A tiny project for generating SnakeYAML deserialization payloads
CVE-2022-22978-PoC
PoC of CVE-2022-22978 vulnerability in Spring Security framework
google-dorks
Useful Google Dorks for WebSecurity and Bug Bounty
ScopeSentry
ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
pdfjs-vuln-demo
This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367
ReverseShell-Java
Generating payloads to reverse shell in different contexts of java.
SpringBoot-ImprookCare
Research and Develop Restful APIs for a Health Consultation And Management System (Spring Boot).
laravel-poc-CVE-2018-15133
PoC for CVE-2018-15133 (Laravel unserialize vulnerability)
CVE-2024-4577
POC & $BASH script for CVE-2024-4577
LearnJavaMemshellFromZero
【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安
CVE-2024-32113
Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]
aws-enumerator
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
java-echo-generator
一款支持高度自定义的 Java 回显载荷生成工具|A highly customizable Java echo payload generation tool.