welk1n's repositories
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
FastjsonPocs
一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。
ReverseShell-Java
Generating payloads to reverse shell in different contexts of java.
exploiting-groovy-in-Java
Some payloads of exploiting groovy in java.
jvm-sandbox
Real - time non-invasive AOP framework container based on JVM
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
CobaltStrike
CobaltStrike's source code
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
homebrew-core
🍻 Default formulae for the missing package manager for macOS
OSfooler-ng
OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
Potatso
Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork https://github.com/shadowcoel/shadowcoel instead.