Lists (2)
Sort Name ascending (A-Z)
Starred repositories
An open-source Chinese font derived from Fontworks' Klee One. 一款开源中文字体,基于 FONTWORKS 出品字体 Klee One 衍生。
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
An easy-to-learn/use static analysis framework for Java
已集成到 jar-analyzer 中 https://github.com/jar-analyzer/jar-analyzer
SSH Zero-Day Made By ClumsyLulz
Mirror of the IntelliJ SDK Docs Code Samples
a rep for documenting my study, may be from 0 to 0.1
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
SharpHostInfo是一款快速探测内网主机信息工具(深信服深蓝实验室天威战队强力驱动)
Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Java web common vulnerabilities and security code which is base on springboot and spring security