从总多目录字典中合并提取的高效目录爆破字典
☆200Aug 15, 2019Updated 6 years ago
Alternatives and similar repositories for myfuzz
Users that are interested in myfuzz are comparing it to the libraries listed below
Sorting:
- 弱口令,敏感目录,敏感文件等渗透测试常用攻击字典☆1,208Dec 16, 2021Updated 4 years ago
- 自用字典,收集实战中遇到的奇特目录名、后门文件名等。不定期更新!☆114Jul 25, 2023Updated 2 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,953Jun 4, 2021Updated 4 years ago
- 上传漏洞fuzz字典生成脚本☆1,270Apr 1, 2021Updated 4 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆772Jan 26, 2022Updated 4 years ago
- 规则组合子域名字典生成☆30Mar 5, 2020Updated 6 years ago
- 创建一个克隆隐藏的管理员账号/Create a Clone Hidden Administrator Account☆22Aug 28, 2019Updated 6 years ago
- 后渗透持久化控制平台; Windows Persistence Platform;☆46Sep 16, 2021Updated 4 years ago
- 参数 | 字典 collections☆675Apr 20, 2021Updated 4 years ago
- EHole(棱洞)-红队重点攻击系统指纹探测工具☆471Jan 27, 2021Updated 5 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- Burp被动扫描流量转发插件☆1,460Jun 17, 2024Updated last year
- CobaltStrike后渗透测试插件☆1,557Oct 28, 2021Updated 4 years ago
- Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)☆878Dec 16, 2022Updated 3 years ago
- 攻防演习/渗透测试资产处理小工具,对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。☆634Jun 19, 2024Updated last year
- Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang☆571Jan 10, 2022Updated 4 years ago
- goon,集合了fscan和kscan等优秀工具功能的扫描爆破�工具。功能包含:ip探活、port扫描、web指纹扫描、title扫描、压缩文件扫描、fofa获取、ms17010、mssql、mysql、postgres、redis、ssh、smb、rdp、telnet、to…☆811Aug 5, 2024Updated last year
- Shiro<=1.2.4反序列化,一键检测工具☆987Mar 4, 2021Updated 5 years ago
- 防火墙出网探测工具,内网穿透型socks5代理☆269Nov 12, 2021Updated 4 years ago
- Burp suite 分�块传输辅助插件☆2,026Feb 23, 2022Updated 4 years ago
- 一键ThinkPHP漏洞检测☆1,164Nov 1, 2023Updated 2 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year
- You Know, For WEB Fuzzing !☆8,273Nov 13, 2023Updated 2 years ago
- 口令爆破字典,有键盘组合字典、拼音字典、字母与数字混合这三种类型☆1,317Oct 8, 2021Updated 4 years ago
- 此项目用来提取收集以往泄露的密码中符合条件的强弱密码☆1,131Apr 1, 2019Updated 6 years ago
- 对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecrypt…☆1,260Mar 16, 2022Updated 4 years ago
- JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.☆2,920Nov 24, 2021Updated 4 years ago
- shiro 反序列 命令执行辅助检测工具☆1,566May 21, 2024Updated last year
- Dirpath_List 目录扫描字典☆161Nov 7, 2017Updated 8 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆125May 14, 2021Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,521Jul 17, 2021Updated 4 years ago
- 这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。☆1,191Apr 30, 2019Updated 6 years ago
- Web Fuzzing Box - Web 模糊测试字典与一些Payloads☆2,454May 28, 2025Updated 9 months ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,405Jan 18, 2022Updated 4 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆400Jan 24, 2025Updated last year
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Dec 29, 2021Updated 4 years ago
- An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工…☆3,358Oct 21, 2025Updated 5 months ago