一个批量扫描shiro漏洞的工具,支持AES/CMG
☆80Jan 18, 2023Updated 3 years ago
Alternatives and similar repositories for ScanShiro
Users that are interested in ScanShiro are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- burpsuite 的Spring漏洞扫描插件。SpringVulScan:支持检测:路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977☆154Jan 23, 2023Updated 3 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆254Jul 12, 2023Updated 2 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆132Sep 4, 2022Updated 3 years ago
- 一个Spring4Shell 被动式检测的Burp插件☆93Apr 8, 2022Updated 4 years ago
- 一款针对Shiro550漏洞进行快速漏洞利用工具。 对 @SummerSec 大佬的项目https://github.com/SummerSec/ShiroAttack2 进行了一些改进。☆250May 29, 2023Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆280Nov 28, 2023Updated 2 years ago
- ☆17Apr 7, 2022Updated 4 years ago
- XxlJob<=2.1.2配置不当情况下反序列化RCE☆121Nov 2, 2020Updated 5 years ago
- 一款OutLook信息收集工具☆244May 23, 2023Updated 2 years ago
- 红队|域渗透重要漏洞汇总(持续更新)☆291Dec 23, 2022Updated 3 years ago
- SpringScan 漏洞检测 Burp插件☆607Nov 14, 2023Updated 2 years ago
- ☆123Jun 7, 2023Updated 2 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆775Jan 26, 2022Updated 4 years ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆171Aug 9, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- 批量ShiroKey检测爆破工具☆309Jan 4, 2023Updated 3 years ago
- 可以从公开仓库直接拖取镜像的一个小工具 方便直接解包审计代码☆13Feb 11, 2023Updated 3 years ago
- 一款dump hash工具配合后渗透的利用☆276Apr 21, 2023Updated 2 years ago
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践☆230Aug 8, 2023Updated 2 years ago
- 一款用于快速导出URL、Domain和IP的小工具☆233Sep 2, 2024Updated last year
- CVE-2022-22947 注入Godzilla内存马☆211Apr 26, 2022Updated 3 years ago
- 本工具为jeecg框架漏洞利用工具非jeecg-boot!☆183Aug 13, 2024Updated last year
- ☆296May 7, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- YongYou U8C deserialization file upload exploit tool targeting IPFxxFileService and IFileTrans services☆29Sep 28, 2025Updated 6 months ago
- 一款在内网中快速开启http服务的工具☆55Jun 2, 2022Updated 3 years ago
- 内存加载shellcode绕过waf☆209Jul 25, 2022Updated 3 years ago
- ☆125Jul 21, 2024Updated last year
- shiro key 收集☆179Mar 20, 2022Updated 4 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,�添加自定义DNS服务器)☆293Aug 20, 2023Updated 2 years ago
- 基于BurpShiroPassiveScan修改增加了Xray回显链生成☆56Sep 6, 2022Updated 3 years ago
- 冰蝎Java WebShell自动化免杀生成☆784Mar 15, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Spring Actuator端点的BurpSuite被动扫描插件。☆202Nov 2, 2022Updated 3 years ago
- 域信息收集工具☆11Jun 5, 2023Updated 2 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆69Feb 5, 2023Updated 3 years ago
- 获取服务器或域控登录日志☆277Sep 8, 2023Updated 2 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆638Apr 4, 2021Updated 5 years ago
- 一款基于go的windows信息收集工具,主要收集目标机器rdp端口、mstsc远程连接记录、mstsc密码和安全事件中4624、4625登录事件记录☆291Jul 18, 2022Updated 3 years ago
- 改造一个基于jrmp的AMF反序列化利用工具☆16Jul 7, 2022Updated 3 years ago