Coder Social home page Coder Social logo

tdcoming's Projects

1120_artillery icon 1120_artillery

JAVA 插件化漏洞扫描器,Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。

1120_bridge icon 1120_bridge

无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。

1120_burplugin-java-rce icon 1120_burplugin-java-rce

******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-013、struts2-016、struts2-019、struts2-020、struts2-devmode、 struts2-032、struts2-033、struts2-037、struts2-045、struts2-048、struts2-052 除struts2-053全部RCE漏洞验证并支持批量验证。 Struts2漏洞验证需要python环境并需要相关类库支持.点击python按钮初始化初始化python类库

1120_elasticsearch_2.4.1_test icon 1120_elasticsearch_2.4.1_test

elasticsearch2.4.1版本部署测试,主要是java API测试(版本过低,存在很多漏洞和缺点,已抛弃使用)

1120_gadgets icon 1120_gadgets

Java反序列化漏洞利用链补全计划,仅用于个人归纳总结。

1120_imxss icon 1120_imxss

国内首款Java研发的xss跨站脚本漏洞测试平台

1120_jacoco-demo icon 1120_jacoco-demo

java demo代码,主要提供 ①jacoco进行对java代码扫描覆盖率统计②sonar进行对java代码漏洞扫描

1120_java-ee-vulnweb icon 1120_java-ee-vulnweb

用于演示Java Web项目中,漏洞的成因及修复方案,可用于黑盒测试和白盒测试,部分修复方案可用于生产环境。

1120_javarce icon 1120_javarce

实战场景较通用的 Java Rce 相关漏洞的利用方式 | Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios

1120_javaserializetools icon 1120_javaserializetools

Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。

1120_javaunserialization icon 1120_javaunserialization

自学时写的适合Java安全小白用来学习Java反序列化漏洞的文章和Demo。(随懒狗的学习进度持续更新🐶)。Some articles and demos written during self-study which are suitable for Java Security beginner to learn the Insecure Deserialization.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.