olywl's repositories
apache-log4j-poc
Apache Log4j 远程代码执行
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
CVE-2021-40444
CVE-2021-40444 PoC
CVE-2021-40444_builders
This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit
DBJ
大宝剑-边界资产梳理工具(红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配)
defi_poc
POC for DeFi Vulnerabilities
devsecops
企业安全建设
evm-opcodes
Ethereum opcodes and instruction reference
fapro
Fake Protocol Server
Finger
A tool for recognizing function symbol
frida-scripts
Frida Scripts
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Grafana-VulnTips
Grafana Unauthorized arbitrary file reading vulnerability
heroku-vless
利用Heroku部署高性能代理免费vless服务
hooker
🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、disable ssl pinning
JNDIExploit
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
learning-solidity
The companion to the Youtube tutorials
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
log4j2Scan-1
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
Log4j2Scan-2
Log4j2 RCE Passive Scanner plugin for BurpSuite
Log4j_RCE_Tool
Log4j 多线程批量检测利用工具
MAIAN
MAIAN: automatic tool for finding trace vulnerabilities in Ethereum smart contracts
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
papers
SlowMist Vulnerability Research Advisories
strongR-frida-android
An anti detection version frida-server for android.
supplier
主流供应商的一些攻击性漏洞汇总
twint
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
vulfocus
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。