GuoKerS/Charset_encoding-Burp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/GuoKerS/Charset_encoding-Burp)

GuoKerS / Charset_encoding-Burp

利用字符集编码绕过waf的burpsuite插件

☆124

Alternatives and similar repositories for Charset_encoding-Burp

Users that are interested in Charset_encoding-Burp are comparing it to the libraries listed below

Sorting:

Rvn0xsy / PassDecode-jar
View on GitHub
帆软/致远密码解密工具
☆360Jul 29, 2021Updated 4 years ago
whwlsfb / SpringSpider
View on GitHub
Spring Actuator端点的BurpSuite被动扫描插件。
☆202Nov 2, 2022Updated 3 years ago
LFYSec / ActuatorExploit
View on GitHub
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
☆230Dec 5, 2020Updated 5 years ago
XiaoLi996 / OA-EXP
View on GitHub
红队工具：各大OA利用工具，万户、致远、通达等
☆259Jul 23, 2021Updated 4 years ago
z2p / sweetPotato
View on GitHub
基于burpsuite的资产分析工具
☆474Apr 29, 2023Updated 2 years ago
winezer0 / whatweb-plus
View on GitHub
whatweb 增强版 8000+插件（提供windows可执行文件）
☆27Jul 10, 2025Updated 7 months ago
woodpecker-framework / woodpecker-framework-release
View on GitHub
高危漏洞精准检测与深度利用框架
☆1,456Jan 8, 2023Updated 3 years ago
EdgeSecurityTeam / Eeyes
View on GitHub
Eeyes(棱眼)-快速筛选真实IP并整理为C段
☆603Apr 4, 2021Updated 4 years ago
achuna33 / Memoryshell-JavaALL
View on GitHub
收集内存马打入方式
☆506May 20, 2022Updated 3 years ago
rebeyond / JNDInjector
View on GitHub
一个高度可定制化的JNDI和Java反序列化利用工具
☆471Jan 17, 2023Updated 3 years ago
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆770Jan 26, 2022Updated 4 years ago
leveryd / x-waf
View on GitHub
让"WAF绕过"变得简单
☆433Jan 26, 2025Updated last year
depycode / fastjson-local-echo
View on GitHub
基于dbcp的fastjson rce 回显
☆197Jun 28, 2021Updated 4 years ago
wyzxxz / aksk_tool
View on GitHub
AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
☆779Feb 13, 2025Updated last year
EASY233 / BpScan
View on GitHub
一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件
☆242Nov 25, 2022Updated 3 years ago
c0ny1 / java-memshell-scanner
View on GitHub
通过jsp脚本扫描java web Filter/Servlet型内存马
☆988Mar 9, 2023Updated 2 years ago
pap1rman / postnacos
View on GitHub
哥斯拉nacos后渗透插件 maketoken adduser
☆150Jul 7, 2023Updated 2 years ago
zilong3033 / fastjsonScan
View on GitHub
fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
☆124May 14, 2021Updated 4 years ago
r0eXpeR / fingerprint
View on GitHub
各种工具指纹收集分享
☆529Nov 3, 2021Updated 4 years ago
Adminisme / SharpRDPLog
View on GitHub
Windows rdp相关的登录记录导出工具，可用于后渗透中Windows服务器的信息收集阶段。输出内容包括：本地rdp端口、mstsc缓存、cmdkey缓存、登录成功、失败日志事件。
☆282Jun 23, 2024Updated last year
Bl0omZ / JNDIEXP
View on GitHub
JNDI在java高版本的利用工具,FUZZ利用链
☆597Oct 8, 2022Updated 3 years ago
yuyan-sec / RedisEXP
View on GitHub
Redis 漏洞利用工具
☆938Jan 26, 2025Updated last year
pmiaowu / log4j2Scan
View on GitHub
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
☆213Apr 18, 2023Updated 2 years ago
Lotus6 / FileMonitor
View on GitHub
Java命令行文件监控小工具(代码审计)
☆103Nov 29, 2021Updated 4 years ago
LandGrey / spring-boot-upload-file-lead-to-rce-tricks
View on GitHub
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
☆754Apr 14, 2021Updated 4 years ago
z1un / Z1-AggressorScripts
View on GitHub
适用于Cobalt Strike的插件
☆562May 30, 2021Updated 4 years ago
Hzllaga / ShellcodeLoader
View on GitHub
将shellcode用rsa加密并动态编译exe，自带几种反沙箱技术。
☆521Jul 9, 2020Updated 5 years ago
xinyu2428 / TDOA_RCE
View on GitHub
通达OA综合利用工具
☆517Mar 17, 2021Updated 4 years ago
wyzxxz / shiro_rce_tool
View on GitHub
shiro 反序列命令执行辅助检测工具
☆1,563May 21, 2024Updated last year
R17a-17 / JavaVulnSummary
View on GitHub
Java漏洞分析汇合
☆142Dec 14, 2021Updated 4 years ago
r00tSe7en / ShadowlessFeet
View on GitHub
无影脚 - 命令行下的日志文件处理工具
☆51Nov 15, 2022Updated 3 years ago
Daybr4ak / C2ReverseProxy
View on GitHub
一款可以在不出网的环境下进行反向代理及cs上线的工具
☆491Apr 26, 2023Updated 2 years ago
Heart-Sky / ListRDPConnections
View on GitHub
C# 读取本机对外RDP连接记录和其他主机对该主机的连接记录，从而在内网渗透中获取更多可通内网网段信息以及定位运维管理人员主机
☆431Jan 28, 2021Updated 5 years ago
evilashz / SharpADUserIP
View on GitHub
提取DC日志，快速获取域用户对应IP地址
☆308Mar 21, 2022Updated 3 years ago
dr0op / CrossNet-Beta
View on GitHub
红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。
☆366Jun 19, 2024Updated last year
Avienma / Mimikatz
View on GitHub
用c#实现了个远程拉取Mimikatz.ps1
☆61Dec 7, 2023Updated 2 years ago
ybdt / post-hub
View on GitHub
Lateral movement
☆943Updated this week
metaStor / SpringScan
View on GitHub
SpringScan 漏洞检测 Burp插件
☆605Nov 14, 2023Updated 2 years ago
f0ng / autoDecoder
View on GitHub
Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。
☆1,327Dec 14, 2025Updated 2 months ago