w0lfzhang

upnp_fuzzing

some_nday_bugs

capstone_learning

browser_pwn_learning

browser exploit

sonicwall-cve-2019-7482

FuzzingPaper

Recent Fuzzing Paper

nuaactf2018_babykernel

awesome

😎 Awesome lists about all kinds of interesting topics

awesome-devsecops

Curating the best DevSecOps resources and tooling.

awesome-rat

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

blog-stuff

browser-pwn

An updated collection of resources targeting browser-exploitation.

cwe_checker

cwe_checker is a BAP plugin to find vulnerable patterns in binary executables

DevSecOps-

easy-linux-pwn

A set of Linux binary exploitation tasks for beginners on various architectures

FirmAE

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

go-common

哔哩哔哩 bilibili 网站后台工程 源码

IDAPythonEmbeddedToolkit

IDA Python Embedded Toolkit -- IDAPython scripts for automating analysis of firmware of embedded devices

Java-Deserialization-Cheat-Sheet

The cheat sheet about Java Deserialization vulnerabilities

Markdown-Resume

⭐️ Markdown 简历模版

MicroBackdoor

Small and convenient C2 tool for Windows targets

moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

PHP-Audit-Labs

一个关于PHP的代码审计项目

pulse-gosecure-rce-poc

Tool to test for existence of CVE-2020-8218

r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

ubidump

Tool for viewing and extracting files from an UBIFS image

v8-tutorial-pldi2019

V8 Tutorial PLDI 2019

vlany

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

w0lfzhang.github.io

w0lfzhang's blog

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.