Lists (3)
Stars
Significant security enchancements of recent major Android versions.
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
Jar Analyzer - 一个JAR包分析工具,批量分析,SCA漏洞分析,方法调用关系搜索,字符串搜索,Spring组件分析,信息泄露检查,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码
A simple client for Android
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy lea…
Official home of the DB Browser for SQLite (DB4S) project. Previously known as "SQLite Database Browser" and "Database Browser for SQLite". Website at:
Frida Multiple Bypass (SSL Pinning + Root Detection + Emulator Detection + Frida Detection + Flutter tls)
Java web common vulnerabilities and security code which is base on springboot and spring security
为供应链漏洞扫描设计的快速应急响应工具 [快速应急] [漏洞扫描] [端口扫描] [xray2.0进行时] A fast emergency response tool designed for supply chain vulnerability scanning.
基于 docsify 快速部署 Awesome-POC 中的漏洞文档
[WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
Linux privilege escalation auditing tool
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
This is a tool to help androidcoder to check the flaws in their projects.
Gather and update all available and newest CVEs with their PoC.
cwe_checker finds vulnerable patterns in binary executables
Exploit app for CVE-2021-39670 and CVE-2021-39690, two permanent denial-of-service vulnerabilities in Android's wallpaper system
网络空间安全学院
🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、disable ssl pinning
burpsuite extension for check and extract sensitive request parameter