整理SQLI、XSS、RCE、Path的payload文件备份留存
☆15Nov 9, 2022Updated 3 years ago
Alternatives and similar repositories for Payload-List
Users that are interested in Payload-List are comparing it to the libraries listed below
Sorting:
- Recon tool for URLs discovery☆12Jun 19, 2024Updated last year
- 可视化GUI界面网络资产测绘平台查询,支持目前热门国内外网络资产测绘平台.☆28Oct 4, 2022Updated 3 years ago
- 适用于目标命令执行不出网、无回显等场景☆13Oct 8, 2022Updated 3 years ago
- go调用最大cpu内核数实现批量ip列表tcp端口快速扫描☆15Mar 20, 2020Updated 5 years ago
- 利用云函数实现端口扫描☆15Nov 17, 2025Updated 3 months ago
- 去除了流量特征的UDP协议跨平台机器管理工具☆41Dec 25, 2020Updated 5 years ago
- 通过公司名称,在fofa上搜索可能存在通用产品的公司;如果想挖掘cnvd证书,可导出注册资金大于5000w的公司到这个脚本中进行通用系统收集。☆65Oct 21, 2022Updated 3 years ago
- 本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:…☆17May 22, 2022Updated 3 years ago
- 各大平台IOT设备漏洞资源库☆101Sep 4, 2023Updated 2 years ago
- 蜜罐抓到的Top密码,根据使用频率排序,持续更新中...☆166Nov 20, 2023Updated 2 years ago
- API Highlighter 是一个用于 BurpSuite 的插件,主要用于 web 应用迭代安全测试时高亮指定的新增接口,该插件最初用 Python 编写,现重构为 Java 版本。☆42Feb 19, 2025Updated last year
- 一款基于Http.sys的利用工具 ZhuriLab/Joker 备份☆27Nov 16, 2022Updated 3 years ago
- 微软开发的系统管理小工具-简约教程-含渗透利器☆21Sep 27, 2019Updated 6 years ago
- swagger接口测试☆17Jun 12, 2025Updated 8 months ago
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Jul 10, 2021Updated 4 years ago
- 收藏webshell☆25Mar 14, 2022Updated 3 years ago
- 红方人员作战执行手册☆22Feb 18, 2020Updated 6 years ago
- ☆13May 24, 2023Updated 2 years ago
- JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…☆48Apr 29, 2024Updated last year
- 常见漏洞描述、漏洞影响及修复建议,为规范的渗透测试报告提供参考 | Common vulnerability descriptions, vulnerability impacts and remediation recommendations for standardi…☆58Jan 15, 2021Updated 5 years ago
- govenom is a msfvenom-inspired cross-platform payload generator toolkit written in Go☆21Sep 9, 2020Updated 5 years ago
- 一个全新的敏感文件发现工具☆84Jan 7, 2021Updated 5 years ago
- 这是一个WebShell收集项目☆23Jul 20, 2016Updated 9 years ago
- HVVExploitApply工具POC登记信息☆20Aug 25, 2022Updated 3 years ago
- 一款用来扫描oa的漏洞的工具☆54Aug 24, 2023Updated 2 years ago
- ☆26Mar 24, 2023Updated 2 years ago
- 一个Spring4Shell 被动式检测的Burp插件☆93Apr 8, 2022Updated 3 years ago
- ☆42Nov 19, 2025Updated 3 months ago
- Learning JAVA for Security☆34Jun 9, 2022Updated 3 years ago
- 项目监控工具 以及 Codeql 自动运行☆313Apr 13, 2023Updated 2 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆56Nov 20, 2024Updated last year
- 记录自己在内网渗透学习中的一些心得和技巧,不定期记录中:)☆107Apr 11, 2022Updated 3 years ago
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆242Nov 25, 2022Updated 3 years ago
- 海康威视文件上传检测脚本,可getshell,漏洞检测☆30Jun 6, 2023Updated 2 years ago
- 基于BurpFastJsonScan修改新增了延迟探测方式 Burp插件 Fastjson扫描☆59Sep 23, 2022Updated 3 years ago
- 泛微OA_V9全版本前台任意文件上传漏洞☆29Apr 26, 2022Updated 3 years ago
- 支持常见webshell流量一键解密(完美兼容php)、AES专项解密(内置50wKey爆破)、各类单项解密(Base64、Rot13、strRev、Chr等)、自定义Js解密 Support common websh…☆29Mar 23, 2024Updated last year
- 二进制安全学习笔记☆26Jan 8, 2022Updated 4 years ago
- Struts2框架全系列漏洞扫描工具 / Code By:Jun_sheng☆35Jul 8, 2022Updated 3 years ago