RicterZ
Follow
Lists (1)
Stars
Automatic integrate all Xiaomi devices to HomeAssistant via miot-spec, support Wi-Fi, BLE, ZigBee devices. 小米米家智能家居设备接入Hass集成
最好用最智能最可控的目录爆破工具 | The most powerful, user-friendly, intelligent, and precise HTTP buster.
A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers
A GUI for interacting with RicterZ's nhentai CLI tool
Small, fast tool for performing reverse DNS lookups en masse.
Kraken, a modular multi-language webshell coded by @secu_x11
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
你管这破玩意叫操作系统源码 — 像小说一样品读 Linux 0.11 核心代码
🚌 The next great DBus library for Python with asyncio support
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
A malicious LDAP server for JNDI injection attacks
🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
jolokia-exploitation-toolkit
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 20…
📦 Make security testing of K8s, Docker, and Containerd easier.
🔨 A modern multiple reverse shell sessions manager written in go
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Web Fuzzing Box - Web 模糊测试字典与一些Payloads
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
You Know, For WEB Fuzzing ! 日站用的字典。