bgrstar Goto Github PK
Name: nobgr
Type: User
Name: nobgr
Type: User
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
Java RCE 回显测试代码
Java web common vulnerabilities and security code which is base on springboot and spring security
Java应用的一些配置文件字典,来源于公开的字典与平时收集
关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
Java安全研究与安全开发面试题库,同是也是常见知识点的梳理和总结,包含问题和详细的答案,计划定期更新
JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
京东SRC小课堂系列文章
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
JSPHorse Project Backup
KCon is a famous Hacker Con powered by Knownsec Team.
Subdomain scanner, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、Netbios、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
This is an Internet Behavior Management System.
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
CodeQL Java 全网最全的中文学习资料
A community sourced list of log4j-affected software
Log4j jndi injects the Payload generator
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Remote Code Injection In Log4j
BurpSuite Extension: Log4j2 RCE Scanner
The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel
Log4j2 jndi injection fuzz tool (CVE-2021-44228)
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
分布式端口(漏洞)扫描、资产安全管理、实时威胁监控与通知、高效漏洞闭环、漏洞wiki、邮件报告通知、poc框架
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.