rabbitsafe Goto Github PK
Name: rabbit_safe
Type: User
Name: rabbit_safe
Type: User
icp备案查询
边界打点后的自动化渗透工具
Dex to Java decompiler
Java源码分析 【源码笔记】专注于Java后端系列框架的源码分析,每周持续推出Java后端系列框架的源码分析文章。
java图形化漏洞利用工具集
50+ Gadgets(17 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
A malicious LDAP server for JNDI injection attacks
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
前端参数加密渗透测试通用解决方案
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
jsrpc,在浏览器开启一个ws和服务连接,以请求http接口的形式来和浏览器通信 ,浏览器端收到调用通信执行原先设置好的js代码并获得返回值。
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Study Notes For Web Hacking / Web安全学习笔记
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Remote Code Injection In Log4j
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
Log4j2 RCE Passive Scanner plugin for BurpSuite
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.
Log4j2 jndi injection fuzz tool
LSTAR - CobaltStrike 综合后渗透插件
Cobalt Strike Malleable C2 Design and Reference Guide
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.