b1ngda0 Goto Github PK
Type: User
Type: User
准确率99.9%的ip地址定位库
Java web common vulnerabilities and security code which is base on springboot and spring security
Getting started with java code auditing 代码审计入门的小项目
a rep for documenting my study, may be from 0 to 0.1
java代码审计学习笔记
Share Things Related to Java - Java安全漫谈笔记相关内容
40+ Gadgets(More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
A Joomla password brute force tester
A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Super JSP Webshell
k8s tutorials | k8s 教程
A tool to perform Kerberos pre-auth bruteforcing
Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
类似按键精灵的鼠标键盘录制和自动化操作 模拟点击和键入 | automate mouse clicks and keyboard input
Fork of Koadic
Exploit for CVE-2021-3129
对于安全学习的一些总结,更新ing,期待 Fork & Star!
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
A little tool to play with the Seclogon service
分享几个直接可用的内存马,记录一下学习过程中看过的文章
超详细的渗透测试思维导图
一款用于快速导出URL、Domain和IP的小工具
一款域渗透扫描工具,方便一键自动化、全方位的信息收集及扫描域提权漏洞。
Bildiğiniz üzere uzun zamandır MSSQL üzerine çalışmalar yapmaktayım. Bu yazımda uzun zamandır uğraştığım bir konuyu ele alacağım, MSSQL Rootkit. Bildiğiniz üzere şimdiye kadar MS-SQL için anlatılan post-exploitation işlemlerinin büyük çoğunluğu “xp_cmdshell” ve “sp_OACreate” stored procedure’lerini kullanarak anlatılır. Peki xp_cmdshell ve sp_OACreate stored procedure’lerinin olmadığı bir MSSQL sunucusunun “sa” hesabını ele geçirmişsek, o sisteme girmekten vaz mı geçeceğiz? Tabii ki vazgeçmememiz gerekiyor. Bu makale “sa” hesabının yakalandığı ve “xp_cmdshell”, “sp_OACreate”, “sp_OAMethod” vb. prosedürlerin hiç birinin çalışmadığı bir senaryo düşünülerek kaleme alınmıştır.
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 ...
OAExploit一款基于产品的一键扫描工具。
一些常用的Python脚本
Nim Socks5 library
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.