☆57Nov 28, 2023Updated 2 years ago
Alternatives and similar repositories for dragon-lab
Users that are interested in dragon-lab are comparing it to the libraries listed below
Sorting:
- OpenFire 管理后台账号密码解密☆30Dec 15, 2020Updated 5 years ago
- Cs-Sleep-Mask-Fiber☆18May 16, 2025Updated 9 months ago
- 红队自动化打点神器!!! ARL使用代理池联动nuclei,xray并通过企业微信机器人告警。☆26Sep 29, 2024Updated last year
- 备份下比赛附件☆22Jan 23, 2023Updated 3 years ago
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 3 years ago
- 可以从公开仓库直接拖取镜像的一个小工具 方便直接解包审计代码☆13Feb 11, 2023Updated 3 years ago
- ☆14Aug 4, 2021Updated 4 years ago
- ☆306Feb 27, 2025Updated last year
- 快速筛选Enscan输出结果中的domain,让你在红蓝攻防中快人一步☆30Aug 13, 2025Updated 6 months ago
- Alibab Nacos Unauthorized Login☆14Mar 16, 2023Updated 2 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- 【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安☆986May 25, 2025Updated 9 months ago
- 电子书籍-代码审计-域渗透(内网思路)-免杀-云安全☆50May 10, 2024Updated last year
- burpsuite插件-被动无感识别指纹-主动poc扫描☆29Sep 13, 2024Updated last year
- PortBender修改为exe版本☆29Jul 24, 2023Updated 2 years ago
- 哥斯拉webshell管理工具二次开发规避流量检测设备☆1,044Dec 2, 2025Updated 2 months ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆277Jan 10, 2023Updated 3 years ago
- 本项目包含CobaltStrike密码爆破、伪造上线以及DDos功能。其中伪造上线支持常见魔改版CS。This project includes CobaltStrike password blasting, fake online and DDos functions. …☆71Feb 28, 2025Updated last year
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- 应对渗透中极限环境下命令回显 & 文件落地☆132Jul 1, 2022Updated 3 years ago
- FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用☆1,182Jul 12, 2024Updated last year
- Hacking the Linux kernel☆15Jun 17, 2023Updated 2 years ago
- 攻击Java Web应用-[Java Web安全]☆15Dec 9, 2020Updated 5 years ago
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆461Jan 12, 2025Updated last year
- 解析netsh抓取的etl文件来定位windows主机上存在ICMP通信的进程与文件的小工具☆31Apr 22, 2022Updated 3 years ago
- 就是一个burp插件啦(ÒܫÓױ)☆17Sep 9, 2021Updated 4 years ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Sep 10, 2023Updated 2 years ago
- 【两万字原创】零基础学fastjson漏洞(提高篇),公众号:追梦信安☆211Dec 7, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- ☆47Jul 9, 2022Updated 3 years ago
- 云安全利用工具-云平台AK/SK-WEB利用工具,添加AK/SK自动检测资源,无需手动执行,支持云服务器、存储桶、数据库操作☆583Dec 19, 2024Updated last year
- TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.☆627Nov 30, 2022Updated 3 years ago
- ☆21Jun 29, 2022Updated 3 years ago
- "chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability ru…☆479Feb 1, 2026Updated last month
- 用于渗透测试中对40x页面进行bypass并发扫描,采用go编写☆262Mar 25, 2023Updated 2 years ago
- 一款golang编写的,批量检测frp server未授权访问、弱token的工具☆165May 1, 2023Updated 2 years ago
- 简单的用python写的远控demo 执行命令 只一个心跳完成所有操作☆36Oct 7, 2022Updated 3 years ago