An open-source Chinese font derived from Fontworks' Klee One. 一款开源中文字体，基于 FONTWORKS 出品字体 Klee One 衍生。

Zero-dollar attack surface management tool

Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

2023白帽补天大会部分代码

My config for LunarVim

A mininal go http client for security testing

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

Weblogic环境搭建工具

GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.

一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool

S&P2023 Paper

An easy-to-learn/use static analysis framework for Java

已集成到 jar-analyzer 中 https://github.com/jar-analyzer/jar-analyzer

SSH Zero-Day Made By ClumsyLulz

Mirror of the IntelliJ SDK Docs Code Samples

a rep for documenting my study, may be from 0 to 0.1

JDK源码阅读笔记

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Get JSON values quickly - JSON parser for Go

A declarative static analysis tool for jvm bytecode based Datalog like CodeQL

SharpHostInfo是一款快速探测内网主机信息工具（深信服深蓝实验室天威战队强力驱动）

Hashcat web interface

Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Apache Solr Exploits 🌟

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

Mac OS X Keychain Forensic Tool

Java web common vulnerabilities and security code which is base on springboot and spring security