About Me
- 🐼 前奇安信某实验室成员
- 🐱 擅长代码审计 java/go/python
- 🐶 CVE-2020-1947(Apache ShardingShpere RCE) CVE-2020-1952(Apache IotDb RCE) CVE-2020-11974(Apache DolphinScheduler RCE) CVE-2021-37580(Apache ShenYu Auth Bypass)
- 🐻 目前就职于甲方安全建设与安全开发
- 🐒 时不时写点文章或者一些工具
Name: 郎里个郎里个郎
Type: User
Bio: 🕳🕳🕳🕳🕳🕳🕳🕳🕳🕳🕳🕳🕳🕳
Location: 北京
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
一个APP登录实现
输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具,另支持cdn识别、网页截图、站点定位;动态识别域名并添加功能、工具超时中断等
收集所有区块链(BlockChain)技术开发相关资料,包括Fabric和Ethereum开发资料
一个各类漏洞POC知识库
blackbox
CAS 硬编码 远程代码执行漏洞
CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc
Query-Based Code Analysis Engine
The Compound On-Chain Protocol
CVE-2021-3019 lanproxy目录遍历任意文件读取漏洞探测POC
PoC for CVE-2021-41277
Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset
CVE-2023-35843 NocoDB 任意文件读取漏洞
CVE-2024-23897 - Jenkins 任意文件读取 利用工具
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
对应java安全编码系列文章
support http/https proxy.类似于finddler,由java编写,代码简单便于理解。支持http/https代理!
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
(CNVD-2021-26422)亿邮电子邮件系统 远程命令执行漏洞
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
🔨 Geetest Crack | 从 JavaScript 层面一步步破解极验「鼠标点击+滑块滑动」各种加密参数
439个goby poc,可能会有重复自行判断,来源于网络收集的Goby&POC,实时更新。
Vulnerabilities of Goby supported with exploitation.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.