pllrry's starred repositories
server-side-prototype-pollution
A collection of Server-Side Prototype Pollution gadgets and exploits
chunked-coding-converter
Burp suite 分块传输辅助插件
API-Explorer
API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)
macs-fan-control
Control fans on Apple computers
LoveLy-QRCode-Scanner
A script to brute force decode QR codes, mainly for decoding blurred or AI-generated QR codes that can't be scanned by WeChat.
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
vdexExtractor
Tool to decompile & extract Android Dex bytecode from Vdex files
Code-audit
关于漏洞原理分析与代码审计的研究解析
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
JDBC-Attack
JDBC Connection URL Attack
hackerone-reports
Top disclosed reports from HackerOne
daydayExp-pocs
daydayExp的漏洞POC仓库,慢慢更新...
taowa-generator
更适合**Misc手体质的套题生成器