kingkaki

weblogic-scan

weblogic 漏洞扫描工具

ctf-wscan

为ctf而生的web扫描器

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Struts2-Vulenv

struts2 漏洞环境源代码

Exploit-scripts

存放一些自己写过的漏洞利用脚本

ciscn_sshop

参赛所用的sshop平台

bytecode-facade

一个写着玩的字节码分析工具

twenty-million-OP-stolen

20m OP Token 被盗漏洞复现

kingkaki.github.io

websec-tricks

record some tricks on web security

jndi-sample

jndi sample

Django-CTF-Platform

一个用Django编写的ctf平台

cloud-img

图床

Flask-blog

用flask写的博客系统

kingkaki

artemis

A simple, modular, and fast framework for writing MEV bots in Rust.

CDK

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

chatgpt-demo

A demo repo based on OpenAI API (gpt-3.5-turbo)

codeql-sample

codeql sample

compare

对比cms更新内容

go-common

哔哩哔哩 bilibili 网站后台工程 源码

https-proxy

简易获取https代理的小脚本

java_study

java学习之路上的一些练习代码

Listenable-dir-down

Listenable web directory download

Python-Design-Patterns

python设计模式的代码

redis-rogue-server

Redis(<=5.0.5) RCE

simple_guestbook

simple_guestbook

vnpy_tushare

vn.py框架的Tushare数据服务接口

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档