twoday's Projects
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
apache日志特征提取
Automatically generate four arithmetic expression command line programs
i茅台app自动预约,每日自动预约,支持docker一键部署(本项目不提供成品,使用的是已淘汰的算法)
用于快速查询IP归属地的小型工具
CobaltStrike <= 4.7.1 RCE
cve2022-26134
Pure Implementations for encryption algorithms including DES, RSA, AES, Elgamal.
Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)
遍历给定父目录下的文件,压缩后并删除原文件
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
A collection of curated Java Deserialization Exploits
java source code static code analysis and danger function identify prog
记录总结Java内存马的类型和相关代码示例
Share Things Related to Java - Java安全漫谈笔记相关内容
攻击Java Web应用-[Java Web安全]
大型内网渗透扫描器&Cobalt Strike,Ladon6.6内置74个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Burpsuite插件:自动解码Burpsuite中被Unicode编码的内容
Nginx日志安全分析脚本
some computer science notes
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PHP各种一句话收集
PowerSploit - A PowerShell Post-Exploitation Framework
Some python utility scripts
SSL-encrypted reverse shell
增加自定义gadget触发客户端代码执行 绕过高版本JDK远程加载限制
Rootkits that hide network connections and processes
JAVA安全SDK