osword's starred repositories
excalidraw
Virtual whiteboard for sketching hand-drawn like diagrams
yudao-cloud
ruoyi-vue-pro 全新 Cloud 版本,优化重构所有功能。基于 Spring Cloud Alibaba + MyBatis Plus + Vue & Element 实现的后台管理系统 + 用户小程序,支持 RBAC 动态权限、多租户、数据权限、工作流、三方登录、支付、短信、商城、CRM、ERP、AI 大模型等功能。你的 ⭐️ Star ⭐️,是作者生发的动力!
CTF-All-In-One
CTF竞赛权威指南
YiShaAdmin
基于 .NET Core MVC 的权限管理系统,代码易读易懂、界面简洁美观
JDumpSpider
HeapDump敏感信息提取工具
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
learn-java-asm
:bug: Java ASM
mysql-jdbc-tricks
JDBC Attack Tricks
Bypass_JVM_Verifier
Bypass JVM Class ByteCode Verifier , 对抗反编译器
SpringBootAdmin-thymeleaf-SSTI
SpringBootAdmin-thymeleaf-SSTI which can cause RCE
reverse_debug_frida
逆向调试利器:Frida
CVE-2022-42475
An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products
CVE-2021-44228
Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability