yangbh's repositories
crazy-email-recv-srv
模拟邮件服务器,批量注册利器
pyAntiSSRF
anti ssrf by hijack requests
ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
extractor-java
CodeQL extractor for java, which don't need to compile java source
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Java_deserialize_vuln_lab
Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
MySootScript
oh my soot !
phpvul
php8 mysqli sql injections
rogue_mysql_server
一个支持 go, php, python, java, 原生命令行等多种语言下客户端的 mysql 恶意服务器
sarif-web-component
A React-based component for viewing SARIF files.
semgrep-rules
Semgrep rules registry
SootTutorial
A step-by-step tutorial for Soot (a Java static analysis framework)
Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的,网页UI、跨平台以及多功能的远程控制和监控工具,你可以随时随地监控和控制所有设备。
Struts2-Vuln-Demo
Struts2漏洞实例源码
tabby
A CAT called tabby ( Code Analysis Tool )
tabby-path-finder
A neo4j procedure for tabby (dev)
Tai-e
An easy-to-learn/use static analysis framework for Java
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
yangbh.github.io
blog
ysomap
A helpful Java Deserialization exploit framework based on ysoserial