melon's starred repositories
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
bpf-developer-tutorial
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
AutoBlue-MS17-010
This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
TsojanScan
An integrated BurpSuite vulnerability detection plug-in.
Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
JavaSecurityLearning
记录一下 Java 安全学习历程,也算是半条学习路线了
Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
java-echo-generator
一款支持高度自定义的 Java 回显载荷生成工具|A highly customizable Java echo payload generation tool.
SspiUacBypass
Bypassing UAC with SSPI Datagram Contexts
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
SharpShares
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
jdwp-codeifier
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)
Awsome-Sec.CTF-Videomaker
【Hello CTF】收录国内网络安全以及CTF领域的优秀视频作者
AheadLibEx
hijack dll Source Code Generator .
Unique_DLL_Hijacking_Scan
DLL Hijacking 批量挖掘工具,用于快速生成指定文件夹下所有 EXE 的 Unique DLL Hijacking Payload