whw1sfb's starred repositories
Microsoft-Activation-Scripts
A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
gadgetinspector
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
codeql_compile
自动反编译闭源应用,创建codeql数据库
SunloginRCE
向日葵RCE,网段扫描/中文显示
hoppscotch
Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia)
learning-codeql
CodeQL Java 全网最全的中文学习资料
ClassHound
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
uptime-kuma
A fancy self-hosted monitoring tool
playwright
Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PaddleSharp
.NET/C# binding for Baidu paddle inference library and PaddleOCR
ysoserial-for-woodpecker
给woodpecker框架量身定制的ysoserial
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite