专注Java开发,热衷于研究各种Java组件、中间件,深爱探究其架构设计**和源码实现,only crud boy.
threedr3am Goto Github PK
Name: threedr3am
Type: User
Name: threedr3am
Type: User
风控、大数据、算法。
陌陌风控系统静态规则引擎,零基础简易便捷的配置多种复杂规则,实时高效管控用户异常行为。
BurpSuite using the document and some extensions
阿里巴巴 MySQL binlog 增量订阅&消费组件
Sample Java web app protected by Java CAS client
cas
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
dubbo快速利用exp,基本上老版本覆盖100%。
AWS Service registry for resilient mid-tier load balancing and failover.
Fastjson姿势技巧集合
打CTF实在厌倦了找利用链,就知道一个fastjson的版本,一堆依赖找啊找,头都疼。为了解决这个烦恼,用了卓卓师傅的fastjson黑名单工具和库,自己改造了一下。
个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。
源代码漏洞の审计
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
JVM runtime class loading protection agent.(JVM类加载保护agent)
H2 is an embeddable RDBMS written in Java.
安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性
Java常见通用漏洞和修复的代码以及利用payload
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
SRC子域名资产监控
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊
牛屎花 一款C2远控
各种安全相关思维导图整理收集
IDEA静态代码安全审计及漏洞一键修复插件
This project contains a Docker image meant to facilitate the deployment of Nacos .
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.