๐ฅ I'm a DevOps ATT&DEF, focusing on security issues related to DevOps, most about Java, and transforming the research into security products such as RASP, IAST, DAST, SAST, SCA, SPM, etc. WIKI link
Project | description | State |
---|---|---|
JavaRce | Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | ๐ Active Development |
PPPYSO | proof-of-concept for generating Java deserialization payload | Proxy MemShell | ๐ Active Development |
PPPRASP | JavaRce complements project - use RASP to prevent vulnerabilities | ๐ Active Development |
PPPVULNS | Java CVE Vulnerability Environment | ๐ชด Intermittent Updates |
utf-8-overlong-encoding | ๆฝ็ฆปๅบ utf-8-overlong-encoding ็ๅบๅๅ้ป่พ๏ผๅฎ็ฐ 2 3 ๅญ่ๅ ๅฏๅบๅๅๆฐ็ป | ๐ฒ Completed |
nacosScan | nacos api bypass & jwt bypass & get all configs | ๐ฒ Completed |