xichawai's repositories
CVE-2018-17456
Proof of concept of CVE-2018-17456
log4j-payload-generator
Log4j jndi injects the Payload generator
acefile
POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/
CTFReposityStore
打过的 CTF 的附件
CVE-2018-17182
Linux 内核VMA-UAF 提权漏洞(CVE-2018-17182),0day
CVE-2020-2555
Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
CVE-2021-4034
CVE-2021-4034 1day
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Fast-RDP-Brute-GUI-v2.0-by_Stas-M--Official
Fast-RDP-Brute(frdpb)官方版,及获取来源
go-shellcode
Load shellcode into a new process
hangzhou_house_knowledge
2017年买房经历总结出来的买房购房知识分享给大家,希望对大家有所帮助。买房不易,且买且珍惜。Sharing the knowledge of buy an own house that according to the experience at hangzhou in 2017 to all the people. It's not easy to buy a own house, so I hope that it would be useful to everyone.
JavaEETest
Spring、SpringMVC、MyBatis、Spring Boot案例
javasec
自己学习java安全的一些总结,主要是安全审计相关
javaweb-sec
攻击Java Web应用-[Java Web安全]
Kysoserial
ysoserial for su18
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
MS17-010
MS17-010
MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
PoC-in-GitHub
📡PoC auto collect from GitHub.
rmi-jndi-ldap-jrmp-jmx-jms
rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
SweetBabyScan
Red Tools 渗透测试
wsMemShell
WebSocket 内存马/Webshell,一种新型内存马/WebShell技术
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.