yyhuni's repositories
shiroMemshell
利用shiro反序列化注入冰蝎内存马
Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
Burp4SSRF
burp extension for SSRF
BurpJSfinder
A burpsuite extender use to discoverd url in JS.
callPhoneBoom
最新可用!!!夺命百连呼、电话轰炸、电话攻击(电话轰炸、可代替短信轰炸)、留言攻击工具
ChatGPT-Next-Web
A well-designed cross-platform ChatGPT UI (Web / PWA / Linux / Win / MacOS). 一键拥有你自己的跨平台 ChatGPT 应用。
CVE-2021-2394
POC of CVE-2021-2394
Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Fastjson
Fastjson姿势技巧集合
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Hello-Java-Sec
☕️ Java Security,安全编码和代码审计
JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
JNDIExploit
A malicious LDAP server for JNDI injection attacks
JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Middleware-Vulnerability-detection
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
password_brute_dictionary
口令爆破字典,有键盘组合字典、拼音字典、字母与数字混合这三种类型
remote-method-guesser
Java RMI Vulnerability Scanner
Savior
渗透测试报告自动生成工具!
sensinfor
A chrome extension use to find leak file and backup file.
SerializationDumper
A tool to dump Java serialization streams in a more human readable form.
shiro_rce_tool
shiro rce tool 反序列 命令执行 一键工具 回显
ShiroExploit
ShiroExploit 是一款 Shiro 可视化利用工具,集成密钥爆破,命令回显内存马注入等功能
ShiroVulnEnv
Shiro内存马注入环境
springboot-shiro
springboot-shiro环境
yuque
解决语雀导出markdown文件,在Typora中打开图片无法正常显示的问题
yyhuni.github.io
个人博客