《深入理解WEB漏洞之SSRF漏洞》Server-Side Request Forgery.
☆71Mar 1, 2024Updated 2 years ago
Alternatives and similar repositories for SSRF
Users that are interested in SSRF are comparing it to the libraries listed below
Sorting:
- 《Web安全教程之XXE漏洞》XML External Entity Injection.☆11Nov 1, 2025Updated 4 months ago
- 【Hello-CTF labs】新手向的ssrf靶场,从协议,场景,绕过等多个ssrf攻击的基础维度展开。☆57Mar 22, 2025Updated last year
- ☆18Dec 16, 2024Updated last year
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆140Mar 11, 2024Updated 2 years ago
- 为渗透测试人员和开发者设计的纯前端工具集,专注于信息收集和文本处理,纯前端实现的 Web 工具集,提供 URL 处理、路径分析、信息收集等功能。☆16Jun 27, 2025Updated 8 months ago
- 针对Navicat的后渗透利用框架☆330Mar 21, 2025Updated last year
- 一个功能强大的浏览器扩展程序,专门用于检测Web系统中的权限越权漏洞,适用于Web渗透测试。☆43Oct 11, 2025Updated 5 months ago
- PHP漏洞靶场,涉及OWASP TOP10漏洞,新手必学!☆12Jun 13, 2022Updated 3 years ago
- ☆53Dec 8, 2025Updated 3 months ago
- Where is this IP?☆14Feb 24, 2024Updated 2 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆72Jul 22, 2025Updated 8 months ago
- Show the application of fuzzy in penetration test~☆13Mar 11, 2022Updated 4 years ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- 用于存储公众号文章的 PDF 版本☆104May 20, 2024Updated last year
- tomcat的servlet、filter、listener内存马查杀工具☆38Sep 20, 2023Updated 2 years ago
- Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率☆766Feb 26, 2026Updated 3 weeks ago
- 互联网数字垃圾回收专用废纸篓☆62Jan 23, 2024Updated 2 years ago
- Apache Shiro CVE-2022-32532☆13Jun 28, 2022Updated 3 years ago
- Shiro漏洞实例源码☆26Jul 1, 2021Updated 4 years ago
- oss存储桶遍历漏洞利用脚本☆91Nov 23, 2024Updated last year
- CVE-2022-22947_POC_EXP☆13Mar 17, 2022Updated 4 years ago
- 关于我在CTF中的所有东西☆423Sep 22, 2025Updated 6 months ago
- 领先的实践型网络安全在线学习平台☆18Feb 10, 2026Updated last month
- 🔍 Chrome扩展,为安全研究和渗透测试提供Google/百度/Bing高级搜索语法快捷执行。一键Dorking、批量提取URL、智能过滤黑名单,大幅提升信息收集效率。 🔍 Chrome extension for security research and pen…☆127Oct 16, 2025Updated 5 months ago
- 批量查询域名备案;app;小程序☆20May 28, 2025Updated 9 months ago
- 【Hello-CTF labs】一个ssrf的综合靶场,包含RCE,SQL注入,Tomcat,Redis,MySQL提权等ssrf攻击场景☆79Mar 18, 2025Updated last year
- A old way to Persistence☆53Sep 24, 2020Updated 5 years ago
- 《Linux提权方法论》☆805Feb 22, 2023Updated 3 years ago
- A V8 Sandbox Escape Technique.☆33Jul 4, 2024Updated last year
- ☆15Mar 14, 2024Updated 2 years ago
- HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.☆4,111Mar 13, 2026Updated last week
- CVE-2022-42889 aka Text4Shell research & PoC☆20Mar 17, 2023Updated 3 years ago
- A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) with support f…☆53Updated this week
- Phishing-网络钓鱼研究☆52Apr 13, 2025Updated 11 months ago
- whohk,linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况,有的时候还需要做一些格式处理,这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来,并处理成了较为友好的…☆574Jan 13, 2024Updated 2 years ago
- BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…☆22Oct 31, 2025Updated 4 months ago
- ClashX Pro下载备份与官网导航☆17Mar 16, 2025Updated last year
- 将压缩包伪装成其他文件,绕过无法上传/分享的限制☆28Jan 6, 2026Updated 2 months ago
- Vulnerability POC/EXP Collection and Classification☆23Sep 18, 2024Updated last year