🇻🇳
th13
  • info
  • JAVA
    • Notes: RMI linh tinh
    • [CVE-2013-2165] Phân tích RichFaces vulnerability thông qua CTF challenge
  • CTF WRITE UP
    • [Web]ImaginaryCTF 2021
    • [Web]CSAW CTF 2021
    • [Web]RaRCTF 2021
    • [Web]LIT CTF 07/2021
    • [Web]redpwn 2021
    • [Web]WeCTF 2021
    • [Web]WannaGame 21/05/2021
    • [Web]San Diego CTF 2021
    • [Web]picoMini by redpwn
    • [Web]WannaGame 17/04/2021
    • [Web]picoCTF 2021
    • [Web]BambooCTF/Calc.exe
  • saved
    • Tài liệu JAV Sờ cu 101
    • [NT230]PE file Injection
    • [WU][web]root-me
    • [WU]Lord of SQLinjection
    • [WU][Web]CyberTalents
    • [exploit][sqli]Challenge ngày Tết
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
  1. saved

Tài liệu JAV Sờ cu 101

Previous[Web]BambooCTF/Calc.exeNext[NT230]PE file Injection

Last updated 2 years ago

Was this helpful?

Tại đây lưu các resources từ những tiền bối master java đi trước.

Lời đầu tiên thì cảm ơn anh @tsu đã là người đầu tiên support cho em rồi sau đó follow theo những bài viết của anh @peterjson và anh @jang aka testanull. Đặc biệt là người bạn @petrusviet đã đi trước mình 1 năm trong bộ môn này.

Resource

@petrusviet: (path)

Bắt đầu với spring boot + mvc:

java web common vuln:

@tsu: (Tổng hợp java ctf chall)

@peterjson:

@testbnull:

more:

https://www.youtube.com/watch?v=DgGtpCp7aQk&list=PLsfLgp1K1xQ6laPt_zYpDGwZk6MTx7jn0
GitHub - JoyChou93/java-sec-code: Java web common vulnerabilities and security code which is base on springboot and spring securityGitHub
https://xz.aliyun.com/t/9117
Java代码审计 · Ywc's blog
Java 回显综述
Logo
Logo
https://xz.aliyun.com/t/9002
https://xz.aliyun.com/t/8500
https://xz.aliyun.com/t/9197
Java 101 - HackMDHackMD
The Art of Deserialization Gadget HuntingMedium
GitHub - tsug0d/LearnJavaVulnerability: Collection of awesome java challenges CTF, made from everyone on the internet :)GitHub
Java 101 - HackMDHackMD
Logo
[RMI] Study Note And Some Study CaseMedium
GitHub - frohoff/ysoserial: A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.GitHub
The Art of Deserialization Gadget Hunting - VNPT Cyber ImmunityVNPT Cyber Immunity
GitHub - welk1n/ReverseShell-Java: Generating payloads to reverse shell in different contexts of java.GitHub
Logo
GitHub - JackOfMostTrades/gadgetinspector: A byte code analyzer for finding deserialization gadget chains in Java applicationsGitHub
Logo
Logo
Logo
Logo
Logo
Logo
Logo
Logo