Skip to content
View lemono0's full-sized avatar
🎯
Focusing
🎯
Focusing
74 followers · 60 following
  • lemono.lth@gmail.com
  • Hangzhou

Achievements

Achievement: Starstruckx3

Achievements

Achievement: Starstruckx3

Block or report lemono0

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
lemono0/README.md

Hi there 👋

Pinned Loading

  1. FastJsonParty FastJsonParty Public

    FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

    Python 809 93

  2. crow821/vulntarget crow821/vulntarget Public

    vulntarget靶场系列

    683 79

  3. ysoserial-su18 ysoserial-su18 Public

    Forked from 957204459/ysoserial-1

    此项目为su18大佬的仓库镜像,如有问题可发issuse删库

    Java 8 9

  4. JavaRce JavaRce Public

    Forked from Whoopsunix/JavaRce

    对照实战场景梳理较通用的 Java Rce 相关漏洞的利用方式

    Java 1

  5. JYso JYso Public

    Forked from qi4L/JYso

    It can be either a JNDIExploit or a ysoserial. JYso是一个可以用于 jndi 注入攻击和生成反序列化数据流的工具。

    Java

  6. ysoserial ysoserial Public

    Forked from Y4er/ysoserial

    ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。

    Java