tuotujingshui
Follow
Starred repositories
LFI Payloads List coolected from github repos
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
🏦 银行笔试面试经验分享及资料分享(help you pass the bank interview, and get a amazing bank offer!)
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SpringCore0day from https://share.vx-underground.org/ & some additional links
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
spring-cloud-function SpEL RCE, Vultarget & Poc
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
Jackson-databind远程代码执行漏洞(CVE-2020-8840)分析复现环境代码
JNDI加载RMIServer,对FastJson的反序列化攻击,附漏洞环境 & 利用Exp。护网杯CTF比赛原型题目“easy_web”。
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…
Dahua Console, access internal debug console and/or other researched functions in Dahua devices. Feel free to contribute in this project.
Pre-Built Vulnerable Environments Based on Docker-Compose
Confluence Server Webwork OGNL injection
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup