🔥 I'm a DevOps ATT&DEF, Open-Sourcerer, focusing on security issues related to DevOps, and transforming the research into security products such as SCA, RASP, IAST, SAST, DAST, SPM, etc.
| Project | description | State |
|---|---|---|
| PPPYSO | proof-of-concept for generating Java deserialization payload | Proxy MemShell | 🍀 Active Development |
| JavaRce | Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 🪴 Intermittent Updates |
| PPPVULNS | Java CVE Vulnerability Environment | 🪴 Intermittent Updates |
| PPPRASP | JavaRce complements project - use RASP to prevent vulnerabilities | 🪴 Intermittent Updates |
| utf-8-overlong-encoding | utf-8-overlong-encoding | 🌲 Completed |
| nacosScan | nacos api bypass & jwt bypass & get all configs | 🌲 Completed |