welk1n/BaRMIeJava
Java RMI enumeration and attack tool.
(5 stars) (2 forks) (0 indexed issues) (0 open good first issues)
Repositories
welk1n repositories
一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。
(56 stars) (3 forks) (0 indexed issues) (0 open good first issues)
Some payloads of JNDI Injection in JDK 1.8.0_191+
(483 stars) (81 forks) (0 indexed issues) (0 open good first issues)
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
(2,328 stars) (715 forks) (0 indexed issues) (0 open good first issues)
welk1n/OSfooler-ngPython
OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
welk1n/PotatsoSwift
Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork https://github.com/shadowcoel/shadowcoel instead.
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
Generating payloads to reverse shell in different contexts of java.
(51 stars) (10 forks) (0 indexed issues) (0 open good first issues)
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
(3 stars) (4 forks) (0 indexed issues) (0 open good first issues)
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
Some payloads of exploiting groovy in java.
(10 stars) (5 forks) (0 indexed issues) (0 open good first issues)
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
(0 stars) (1 fork) (0 indexed issues) (0 open good first issues)
A byte code analyzer for finding deserialization gadget chains in Java applications
(0 stars) (1 fork) (0 indexed issues) (0 open good first issues)
🍻 Default formulae for the missing package manager for macOS
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
welk1n/ipdb-javaJava
IPIP.net officially supported IP database ipdb format parsing library
(1 star) (0 forks) (0 indexed issues) (0 open good first issues)
Jailbreak
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
Real - time non-invasive AOP framework container based on JVM
(3 stars) (2 forks) (0 indexed issues) (0 open good first issues)
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发,支持内网http代理、内网socks5代理,同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理,集成多用户模式。
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
tart, but with custom AVPBooter ROM, serial I/O, DFU mode, GDB debugging (port 8000), SEP debugging (port 8001), and panic halting. See help menus for `tart create` and `tart run` for more info. Requires SIP/AMFI to be disabled for required entitlement and "csrutil allow-research-guests enable"
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)
welk1n/ysoserialJava
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
(0 stars) (0 forks) (0 indexed issues) (0 open good first issues)