DummyHardy / DongTai

DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.

☆1

Alternatives and similar repositories for DongTai:

Users that are interested in DongTai are comparing it to the libraries listed below

jas502n / DBconfigReader
泛微ecology OA系统接口存在数据库配置信息泄露漏洞
☆50Updated 4 years ago
seecode-audit / seecode-scanner
SeeCode Scanner 扫描引擎
☆2Updated 5 years ago
HXSecurity / vulhub-compose
vulhub-compose是一款屏蔽docker-compose的命令行工具，目的是降低火线平台社区用户使用vulhub靶场的难度，减少学习docker-compose的时间成本；同时，支持直接安装洞态IAST（原灵芝IAST）到vulhub靶场，用于漏洞复现、漏洞挖掘。
☆45Updated 3 years ago
jkgh006 / assetscan
资产扫描工具
☆46Updated 4 years ago
b1ngz / spring-boot-actuator-cloud-vul
Spring Boot Actuator + Spring Cloud Vul Env
☆19Updated 5 years ago
c0ny1 / burp-cookie-porter
一个可快速“搬运”cookie的Burp Suite插件
☆25Updated 6 years ago
jas502n / xray-crack
xray社区高级版证书生成，支持到 1.2.0 版本
☆35Updated 4 years ago
ldbfpiaoran / springboot-acl-bypass
springboot getRequestURI acl bypass
☆37Updated 4 years ago
ring04h / iproxy
HTTP/HTTPS proxy server by golang [high performance version]
☆53Updated 4 years ago
madneal / r-forwarder-burp
The burp extension to forward the request
☆10Updated 4 months ago
timwhitez / unauthorized-check
扫描常见未授权访问(改)（redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop）
☆15Updated 4 years ago
1135 / Kong_exploit
☆41Updated 4 years ago
misskiki / MysqlLogmonitor
代码审计辅助工具
☆36Updated 4 years ago
ba1ma0 / chrome_extension
越权检测服务器Chrome插件开发部分
☆17Updated last year
jas502n / fastjson-1.2.61-RCE
fastjson-1.2.61-RCE
☆33Updated 5 years ago
uxbug / ant
Linux服务器信息收集脚本
☆20Updated 6 years ago
shad0w008 / Scanver
scanver
☆21Updated 6 years ago
c0ny1 / pentestbox-search-tools
一个为PentestBox添加搜索工具名称功能的py脚本
☆13Updated 4 years ago
l3yx / springboot-shiro
☆15Updated last year
secfan / openrasp-compile-env
OpenRASP Agent容器编译环境，助力二次开发。
☆12Updated 2 years ago
MisakiKata / mitescan
一个代理扫描平台
☆54Updated 4 years ago
ibey0nd / NSTProxy
一款存储HTTP请求入库的burpsuite插件
☆29Updated 6 years ago
dean2021 / java_security_book
记录整理日常java安全分析代码
☆14Updated 6 years ago
k-fire / Url-Monitor
基于django网站监控平台
☆12Updated 4 years ago
z1Ro0 / tomcat_nofile_webshell
Tomcat基于动态注册Filter的无文件Webshell
☆26Updated 4 years ago
sv3nbeast / Emergency-Response-Notes
应急响应实战笔记，一个安全工程师的自我修养。
☆17Updated 5 years ago
UnicodeSec / Blogs
宽字节安全团队的博客
☆30Updated 3 years ago
virink / xray-weblisten-ui
Xray 被动扫描管理
☆58Updated 4 years ago
orleven / BurpCollect
基于BurpCollector的二次开发，记录Burpsuite Site Map记录的里的数据包中的目录路径参数名信息，并存入Sqlite，并可导出txt文件。
☆23Updated 5 years ago
Lhaihai / PythonPersistence
python3 写的一些权限维持脚本
☆34Updated 5 years ago