Giters
xia0z (xiaozhaha)

xiaozhaha

Geek Repo

0

followers

7

following

57

stars

Github PK Tool:Github PK Tool

xia0z's starred repositories

OSSFileBrowse

存储桶遍历漏洞利用工具

Language:JavaStargazers:212Issues:0Issues:0

SecBooks

安全类各家文库大乱斗

Language:HTMLStargazers:809Issues:0Issues:0

wxPushWeather

微信推送-给女朋友的浪漫

Language:PythonLicense:MITStargazers:4Issues:0Issues:0

daily_push

微信公众号每日消息推送,送给女朋友一份小关怀

Language:JavaScriptLicense:MITStargazers:5Issues:0Issues:0

rogue_mysql_server

A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

Language:GoLicense:MITStargazers:671Issues:0Issues:0

PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Stargazers:6299Issues:0Issues:0

AlliN

A flexible scanner

Language:PythonStargazers:1065Issues:0Issues:0

RCEFuzzer

一个以fuzz为中心**的被动扫描工具

Stargazers:147Issues:0Issues:0

new-pac

翻墙-科学上网、自由上网、免费科学上网、免费翻墙、油管youtube、fanqiang、VPN、一键翻墙浏览器,vps一键搭建翻墙服务器脚本/教程,免费shadowsocks/ss/ssr/v2ray/goflyway账号/节点,翻墙梯子,电脑、手机、iOS、安卓、windows、Mac、Linux、路由器翻墙、科学上网

Stargazers:53649Issues:0Issues:0

fastjsonChecker

burp手工检测fastjson辅助

Language:JavaStargazers:79Issues:0Issues:0

SecDictionary

实战沉淀字典

Stargazers:970Issues:0Issues:0

poc_exp

暂停更新·······正在谋划······

Language:PythonStargazers:145Issues:0Issues:0

POC

收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了900多个poc/exp,长期更新。

Stargazers:2962Issues:0Issues:0

FastJsonParty

FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

Language:PythonStargazers:771Issues:0Issues:0

Autorize

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Language:PythonStargazers:907Issues:0Issues:0

AD_Pentest

红队|域渗透重要漏洞汇总(持续更新)

Stargazers:262Issues:0Issues:0

PentestDB

各种数据库的利用姿势

Stargazers:978Issues:0Issues:0

Common-tools

常用的漏洞利用工具

Stargazers:6Issues:0Issues:0

JYso

It can be either a JNDIExploit or a ysoserial.

Language:JavaLicense:GPL-3.0Stargazers:1372Issues:0Issues:0

java-memshell-generator

一款支持高度自定义的 Java 内存马生成工具|A highly customizable Java memory-shell generation tool.

Language:JavaStargazers:1504Issues:0Issues:0

security_test_guide

安全测试导论

Stargazers:83Issues:0Issues:0

Shiro-key-10w

Shiro-key 十万量级

Language:HTMLStargazers:20Issues:0Issues:0

shiro_rce_tool

shiro 反序列 命令执行辅助检测工具

Stargazers:1319Issues:0Issues:0

Fastjson

Fastjson姿势技巧集合

Stargazers:1573Issues:0Issues:0

web-sec

WEB安全手册(红队安全技能栈),漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】

Language:PythonStargazers:1488Issues:0Issues:0

laoyue

自动化监控赏金项目-定期收集资产,漏洞进行推送(现在可以稳定收菜,有问题issues我)-关注-夜安团队SEC-加我微信进群可下载最新自动化版本,git目前不会更新了,群里目前版本1.3.1,项目优化了非常多,功能也加入了非常多,建议进群(没收费项目放心白嫖)

Language:PythonStargazers:524Issues:0Issues:0

vercel-cs

cobalt strike服务器隐藏 - vercel

Language:PythonStargazers:6Issues:0Issues:0

fastjson_study

Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul

Stargazers:84Issues:0Issues:0

Databasetools

一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接

Language:GoStargazers:702Issues:0Issues:0

fastjson-exp

fastjson利用,支持tomcat、spring回显,哥斯拉内存马;回显利用链为dhcp、ibatis、c3p0。

Stargazers:232Issues:0Issues:0