phantom0301's starred repositories
HeadlessBrowsers
A list of (almost) all headless web browsers in existence
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
MYSQL_SQL_BYPASS_WIKI
mysql注入,bypass的一些心得
gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
agentUniverse
agentUniverse is a LLM multi-agent framework that allows developers to easily build multi-agent applications.
NessusToReport
Nessus扫描报告自动化生成工具
PenetrationTestingScripts
Here is some simple and useful scripts for penetration.
ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Evaluation_tools
测评工具
w12scan-client
网络资产搜索发现引擎,w12scan 扫描端程序