Stars
Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
Cisco ASA Software and ASDM Security Research
Awesome information for WebSockets security research
Firmware rebuild tool for Asus ARM routers.
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal
tiny, portable SOCKS5 server with very moderate resource usage
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
CodeQL extractor for java, which don't need to compile java source
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
Public repository of statically compiled GDB and GDBServer
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)
SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with …
Tool for injecting a shared object into a Linux process
😎 Awesome lists about all kinds of interesting topics
Curating the best DevSecOps resources and tooling.