YApi boolean-based injection exploit.
☆57Feb 8, 2023Updated 3 years ago
Alternatives and similar repositories for YApi-Exploit
Users that are interested in YApi-Exploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆66Jul 4, 2024Updated last year
- 用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入☆288Nov 20, 2023Updated 2 years ago
- 禅道相关poc☆172Jun 20, 2024Updated last year
- Exchange 服务器安全性的辅助测试工具☆331Jul 21, 2023Updated 2 years ago
- 基于golang实现的impacket☆246Aug 28, 2023Updated 2 years ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆171Aug 9, 2023Updated 2 years ago
- 注入JVM进程 动态获取目标进程连接的数据库☆341Mar 6, 2022Updated 4 years ago
- CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to des…☆103Apr 16, 2024Updated last year
- CVE-2023-22515☆52Nov 10, 2023Updated 2 years ago
- ☆309Feb 27, 2025Updated last year
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- Zimbra <9.0.0.p27 RCE☆107Nov 24, 2022Updated 3 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆194Jun 18, 2024Updated last year
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,468Apr 25, 2024Updated last year
- CVE-2022-37042 Zimbra Auth Bypass leads to RCE☆30Dec 9, 2022Updated 3 years ago
- CVE-2020-1472 C++☆84Sep 2, 2022Updated 3 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Sep 1, 2021Updated 4 years ago
- K8S安全攻防思维导图 | Docker安全攻防思维导图☆417Jun 22, 2022Updated 3 years ago
- 南京邮电大学企业微信健康打卡脚本☆16Jan 2, 2022Updated 4 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆462Jan 12, 2025Updated last year
- asp.net内存马检测工具☆283Aug 22, 2023Updated 2 years ago
- ☆95Feb 9, 2023Updated 3 years ago
- 利用oss实现http转发/cobalt strike上线☆370Nov 26, 2022Updated 3 years ago
- c/s网络准入平台☆20Nov 14, 2022Updated 3 years ago
- C++枚举磁盘列表、遍历指定盘搜索特定类型文件/微信导出密钥,文件回传等功能☆153Jan 9, 2023Updated 3 years ago
- C# 读取本机对外RDP连接记录和其他主机对该主机的连接记录,从而在内网渗透中获取更多可通内网网段信息以及定位运维管理人员主机☆431Jan 28, 2021Updated 5 years ago
- ☆525Sep 16, 2022Updated 3 years ago
- RPC远程主机信息匿名扫描工具☆319Sep 30, 2022Updated 3 years ago
- POC for RCE using vulnerabilities described in VMSA-2023-0001☆148Jan 31, 2023Updated 3 years ago
- JavaPassDump☆273Jan 7, 2022Updated 4 years ago
- DBeaver数据库密码解密工具☆199Nov 29, 2023Updated 2 years ago
- 建议使用新版:https://github.com/jar-analyzer/jar-analyzer☆897Nov 30, 2023Updated 2 years ago
- Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC☆41Nov 19, 2022Updated 3 years ago
- 利用 Exchange 服务器 Web 接口爆破邮箱�账户 | Brute force email accounts using Exchange server web endpoints☆93Sep 13, 2024Updated last year
- 收集内存马打入方式☆507May 20, 2022Updated 3 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆779Feb 13, 2025Updated last year
- Java Js Engine Payloads All in one☆291Aug 21, 2023Updated 2 years ago
- ☆32Aug 15, 2022Updated 3 years ago
- 基于向日葵RCE的本地权限提升,无需指定端口☆210Feb 24, 2022Updated 4 years ago