Pear1y's Projects
java source code static code analysis and danger function identify prog
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Optimization of feihong-cs/JNDIExploit project.
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
《Golang学习资源大全-只有Go语言才能改变世界》Only Golang Can Change The World.
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Demonstrate all the questions on LeetCode in the form of animation.(用动画的形式呈现解LeetCode题目的思路)
An Open Source Java Decompiler Gui for Procyon
分享几个直接可用的内存马,记录一下学习过程中看过的文章
各种安全相关思维导图整理收集
计算机系统要素-从零开始构建现代计算机
OPNsense operating system on top of FreeBSD
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Advisories, proof of concept files and exploits that have been made public by @pedrib.
《内网安全攻防-渗透测试实战指南》一些技术点概括
每周分享一些关于渗透测试的知识点
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
《Python Cookbook》 3rd Edition Translation
红队作战中比较常遇到的一些重点系统漏洞整理。
RegExr is a HTML/JS based tool for creating, testing, and learning about Regular Expressions.
任正非**
RMI 反序列化环境 一步步
Exploitation Framework for Embedded Devices
Optimize the problem of generating too many TCP connections using snowflake algorithm with Python.
Local privilege escalation, or remote code execution, through Splunk Universal Forwarder (UF) misconfigurations
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧