BlackFan / jpg_payload
☆63Updated 6 years ago
Related projects: ⓘ
- 一个子域名接管检测工具☆138Updated 3 years ago
- A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting☆89Updated 3 years ago
- ☆119Updated this week
- ☆145Updated 3 years ago
- redis ssrf gopher generater & redis ssrf to rce by master-slave-sync☆79Updated 3 years ago
- RMI 反序列化环境 一步步☆211Updated 4 years ago
- ☆48Updated this week
- a burp extension to find where use fastjson☆163Updated 4 years ago
- struts2 漏洞环境源代码☆76Updated 2 years ago
- CVE-2016-4437-Shiro反序列化爆破模块和key,命令执行,反弹shell的脚本☆55Updated 4 years ago
- ☆148Updated this week
- ☆106Updated this week
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆223Updated last year
- DSO-Lab 漏洞研究成果整理☆83Updated 2 years ago
- 🐸Subdomain Monitor, 子域名监控☆76Updated 3 years ago
- 分享一些安全小工具☆53Updated 4 years ago
- 收集整理一些漏洞,利用方法,poc等等,方便快速查阅☆59Updated 3 years ago
- ☆104Updated 7 years ago
- 一个自动化写入php不死马/进程守护马,批量获得flag的线下赛工具☆58Updated 6 years ago
- 🐸Unauthorized Detection Framework未授权访问检测框架☆157Updated 9 months ago
- 一款高效的参数fuzz工具|A faster param fuzzing test tool☆100Updated 3 years ago
- ☆46Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆100Updated 4 years ago
- More Easier Burp Extension To Solve Javascript Front End Encryption,一款更易使用的解决前端加密问题的Burp插件。☆45Updated 4 years ago
- 利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。☆123Updated 4 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。☆108Updated 5 years ago
- ☆69Updated 4 years ago
- goby对应的api☆36Updated 4 years ago
- Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.☆98Updated 3 years ago
- weblogic t3 deserialization rce☆263Updated 7 years ago