nbxiglk's Projects
一些随手存的文章和pdf
Codeql学习笔记
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
Java应用的一些配置文件字典,来源于公开的字典与平时收集
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
笔记
Deploy Apache OFBiz Using Docker
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
Java web路由内存分析工具
面向开发人员梳理的代码安全指南
POC for RCE using vulnerabilities described in VMSA-2023-0001
Extract website information from Vue
Weblogic环境搭建工具
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.