qiqingshiwo's repositories
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
2021_Hvv
2021 hw
agentcrack
不那么一样的 Java Agent 内存马
BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
cas
Apereo CAS - Identity & Single Sign On for all earthlings and beyond.
core
🔞 JAVClub - 让你的大姐姐不再走丢
cve-2019-19781
This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
CVE-2020-5902
CVE-2020-5902 BIG-IP
Fastjson
Fastjson姿势技巧集合
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Godzilla
哥斯拉
openrasp
🔥Open source RASP solution
PentestNote
渗透测试☞经验/思路/想法/总结/笔记/面经. . .
pmd
An extensible multilanguage static code analyzer.
pxplan
CVE-2023-2023
Recon
自动化护网/SRC致富脚本
ShellcodeLoader
该项目为Shellocde加载器,详细介绍了我们如何绕过防病毒软件,以及该工具如何使用
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Static-Program-Analysis-Book
Getting started with static program analysis. 静态程序分析入门教程。
tabby
A CAT called tabby ( Code Analysis Tool )
Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
ysomap
A helpful Java Deserialization exploit framework based on ysoserial
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.