xsr7yer Goto Github PK
Type: User
Type: User
JNDI加载RMIServer,对FastJson的反序列化攻击,附漏洞环境 & 利用Exp。护网杯CTF比赛原型题目“easy_web”。
Browser's XSS Filter Bypass Cheat Sheet
免费的计算机书籍资源,欢迎投稿添加
FuzzDomain
A tool to fastly get all javascript sources/files
Reconnaissance tool for GitHub organizations
Load shellcode into a new process
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
【JavaSE】Java 知识汇总(资源,工具,笔记,源码,文章,文档分类整理);项目由Gradle版本工具构建;目前持续更新中...
Golang安全资源合集
Project "hak.lnk" - Resource Links For Hackers
用 JAVA(J2SE) 实现的一个背单词程序,可自由选择词库。
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
Default plugins for Jaeles Scanner
存放JAVA开发的设计**、算法:《剑指Offer》、《编程珠玑》、《深入理解Java虚拟机:JVM高级特性与最佳实践》、《重构-改善既有代码的设计 中文版》、《clean_code(中文完整版)》、《Java编程**(第4版)》、《Java核心技术 卷I (第8版)》、《Quartz_Job+Scheduling_Framework》;一些大的上传不上来的文件在README
:banana: 我的技术摘要
The cheat sheet about Java Deserialization vulnerabilities
******本软件仅限用于学习交流禁止用于任何非法行为****** \n本版本支持weblogic反序列化漏洞命令执行及文件上传,elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-013、struts2-016、struts2-019、struts2-020、struts2-devmode、 struts2-032、struts2-033、struts2-037、struts2-045、struts2-048、struts2-052 除struts2-053全部RCE漏洞验证并支持批量验证。 Struts2漏洞验证需要python环境并需要相关类库支持.点击python按钮初始化初始化python类库 如果初始化失败请按照如下步骤安装类库, 1、执行 $[python]/Scrips/easy_install pip 2、requests模块 安装方法 pip install requests 3、termcolor模块安装方法: pip install termcolor
【Java学习+面试指南】 一份涵盖大部分Java程序员所需要掌握的核心知识。
JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
不定期收集与JAVA有关书籍或文章
Java基础入门
JEECG是一款基于代码生成器的J2EE快速开发平台,开源界“小普元”超越传统商业企业级开发平台。引领新的开发模式(Online Coding模式(自定义表单) - > 代码生成器模式 - > 手工MERGE智能开发), 可以帮助解决Java项目90%的重复工作,让开发更多关注业务逻辑。既能快速提高开发效率,帮助公司节省人力成本,同时又不失灵活性。具备:表单配置能力(无需编码)、移动配置能力、工作流配置能力、报表配置能力(支持移动端)、插件开发能力(可插拔)
Inject a JS file into a PDF file.
Collection of username lists for enumerating kerberos domain users
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Study Notes For Web Hacking
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.