This is your work, valued

Taiwan

Orange Tsai

Elite
@orangetw

My-CTF-Web-Challenges. Collection of CTF Web challenges I made

2.9k

My-Presentation-Slides. Collections of Orange Tsai's public presentation slides.

759

tsh. Tiny SHell is an open-source UNIX backdoor.

710

awesome-jenkins-rce-2019. There is no pre-auth RCE in Jenkins since May 2017, but this is the one!

610

Tiny-URL-Fuzzer. A tiny and cute URL fuzzer

403

bug-bounty-reference. Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

59

Some-PoC-oR-ExP. 各种漏洞poc、Exp的收集或编写

32

blog.orange.tw. static sites for blog.orange.tw

22

pysslShells. Finally, reverse/bind shells written in python, encrypted with ssl!

11

JNDI-Injection-Bypass. Some payloads of JNDI Injection in JDK 1.8.0_191+

10

Java-Deserialization-Cheat-Sheet. The cheat sheet about Java Deserialization vulnerabilities

9

Vulnerable-Django. Python

8

webshell. This is a webshell open source project

8

how2heap. A repository for learning various heap exploitation techniques.

6

J2EEScan. J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.

6

hitcon2013-wargame.github.com. wargame.hitcon.org

5

wooyun_articles. wooyun_articles fork from

4

ctf-writeup. Just another stupid logs

4

xss.swf. a tiny tool for swf hacking, just browse it:)

3

python-websocket-server. A simple fully working websocket-server in Python with no external dependencies

3

scapy. Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

3

pentest_study.

3

curl. Curl is a tool and libcurl is a library for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, GOPHER, TFTP, SCP, SFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features

3

ActiveScan3Plus. Modified version of ActiveScan++ Burp Suite extension

3

burp-exceptions. Simple trick to increase readability of exceptions raised by Burp extensions written in Python

3

Windows-Exploit-Suggester. This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.

2

Micro8.

2

articles. Post release curated articles (MarkDown & Corrections)

2

Responder. Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

1

S2-046-PoC. S2-046-PoC

1

cookitor-site. A site to easily decode the content of Rails sessions stored in cookies.

1

network-emulator. LD_PRELOAD POSIX network API emulator

1

aniarc-skype-bot. Simple Python (Py4Skype) Bot, Pushing Github, BitBucket, Errbit, Capistrano HTTP Post to Skype Chat Channel

1

de4dot. .NET deobfuscator and unpacker.

1

ModSecurity. ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

1

Gdbinit. Gdbinit for OS X, iOS and others - x86, x86_64 and ARM

1