一个各种方式突破Disable_functions达到命令执行的shell

A curated list of various bug bounty tools

Deserialization payload generator for a variety of .NET formatters

Things help you get started with Java Vulnerability

The cheat sheet about Java Deserialization vulnerabilities

总结了20+.Net反序列化文章，持续更新

记录一下 Java 安全学习历程，也算是半条学习路线了

dotnet 反序列化学习笔记

Potentially dangerous files

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

project-blacklist3r

Web CTF CheatSheet 🐈

All about bug bounty (bypasses, payloads, and etc)

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Various tips & tricks

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF

a rep for documenting my study, may be from 0 to 0.1

《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.