l3m0n's starred repositories
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
LangSrcCurise
SRC子域名资产监控
crawlergo_x_XRAY
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
ATTCK-PenTester-Book
ATTCK-PenTester-Book
ReverseTCPShell
PowerShell ReverseTCP Shell - Framework
wooyun-payload
从wooyun中提取的payload,以及burp插件
shadowsocks
Redirect attack on Shadowsocks stream ciphers
CVE-2020-0688
Exploit and detect tools for CVE-2020-0688
CVE-2020-0683
CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege
CVE-2020-2551
Weblogic IIOP CVE-2020-2551
CVE-2020-0618
SQL Server Reporting Services(CVE-2020-0618)中的RCE
CVE-2018-3245
CVE-2018-3245-PoC
cve-2020-0688
cve-2020-0688
burpsuite_jsapi
A BurpSuite extension written by Python,used to find API interface in JS file.
RDP_SessionHijacking
Passwordless RDP Session Hijacking
Webshell-samples
webshell and nonwebshell samples,which can be used to train machine learning models to detect webshell
POPFuckProxy
POP3 MITM example
Shiro_test
about shiro