ethan-1106 Goto Github PK

ios-debug-hacks

:dart: Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧，涉及三方库动态调试、静态分析和反编译等领域

java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

javathings

Share Things Related to Java - Java安全漫谈笔记相关内容

jazzer

Coverage-guided, in-process fuzzing for the JVM

jquery-file-upload

File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.

k8s-tutorials

k8s tutorials | k8s 教程

kcon

KCon is a famous Hacker Con powered by Knownsec Team.

kotlin-android-examples

:muscle: [Examples] Isolated applications purely on Kotlin, for all android devs out there

launchanywhere_poc_by_retme_bug_7699048

source code & PoC file of launchAnyWhere problem

leakvalue

Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()

learn-frida

Modding Unity app with Frida tutorial.

learn-security-from-0

从0开始学安全，注重实战+技巧的运用，分享各种安全攻防干货，包括但不限于：Web安全、代码审计 、内网渗透、企业安全等。

learnjavabug

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

libfuzzer-workshop

Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.

linkfinder

A python script that finds endpoints in JavaScript files

linux-re-101

A collection of resources for linux reverse engineering

loggerplusplus-api-filters

A Collection of Logger++ Filters for Hunting API Vulnerabilities

medusa

Binary instrumentation framework based on FRIDA

mitm-cheatsheet

All MITM attacks in one place.

mobile-security-framework-mobsf

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

mobilectf

体系化、实战化、step by step、目标清晰且具体的一个打怪升级、成长路径规划图

my-re0-k8s-security

:atom: [WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

myawesomewebchallenge

Collection of my capture-the-flag web challenge in any levels

nightmare

objection

📱 objection - runtime mobile exploration

ossf-cve-benchmark

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

papers_and_slides

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.