HHa1ey/CandleDragon

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/HHa1ey/CandleDragon)

HHa1ey / CandleDragon

一款基于JAVA编写的插件化漏洞利用工具

☆46

Alternatives and similar repositories for CandleDragon

Users that are interested in CandleDragon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

ddwGeGe / SunloginRCE_GUITools
View on GitHub
☆21Oct 19, 2022Updated 3 years ago
HHa1ey / TKHunter
View on GitHub
一个基于JavaFX写的一个Hunter资产测绘平台的图形化工具
☆121Nov 9, 2022Updated 3 years ago
ddwGeGe / NaturalTeeth
View on GitHub
☆125Jul 21, 2024Updated last year
0x3rhy / BOF-DCOMPotato-PrintNotify
View on GitHub
Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
☆13Feb 4, 2024Updated 2 years ago
0x7eTeam / 0x7eTeamTools
View on GitHub
javafx练习,JS接口提取,漏洞检测
☆238Jan 24, 2024Updated 2 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
Fu5r0dah / TongdaScan_go
View on GitHub
通达OA漏洞检测工具-TongdaScan_go
☆221May 27, 2023Updated 3 years ago
yuxianzi / FrchannelPlus
View on GitHub
帆软bi反序列化漏洞利用工具
☆55Jun 4, 2024Updated 2 years ago
rambleZzz / jmxbfGUI
View on GitHub
jmx未授权访问弱口令批量检测 GUI工具
☆30Apr 28, 2023Updated 3 years ago
suizhibo / MemShellGene
View on GitHub
一款Java内存马生成、测试工具，搭配@ax1sX的MemShell食用。
☆262Feb 15, 2026Updated 3 months ago
timwhitez / CLR-RWX
View on GitHub
Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间
☆21Sep 28, 2022Updated 3 years ago
W01fh4cker / weblogic-batch-memshell-kit
View on GitHub
weblogic批量打入内存马，electron+vue3+springboot实现。
☆53Mar 13, 2024Updated 2 years ago
k4i-x3i0 / jndiExploit-beta
View on GitHub
魔改版，实现冰蝎直连内存马，无需修改冰蝎客户端
☆76Jan 3, 2024Updated 2 years ago
OracleNep / GlodonScan
View on GitHub
广联达OA系统漏洞批量检测工具
☆17Nov 3, 2024Updated last year
novysodope / RMI_Inj_MemShell
View on GitHub
rmi打内存马工具，适用于目标用不了ldap的情况
☆254Jul 12, 2023Updated 2 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
Z0fSec / Z0fAPICollect
View on GitHub
一款可以高度自定义的 API 信息收集与记录 Burp扩展套件
☆12Dec 1, 2024Updated last year
safe6Sec / dirScan
View on GitHub
自用目录扫描
☆50Jun 19, 2021Updated 4 years ago
S9MF / ShiroScan2
View on GitHub
基于BurpShiroPassiveScan修改增加了Xray回显链生成
☆56Sep 6, 2022Updated 3 years ago
Tas9er / FFICreateAdminUser
View on GitHub
Code By:Tas9er / FFICreateAdminUser / FFI绕杀软添加Windows账号
☆43May 21, 2026Updated 2 weeks ago
jx4321 / vuldirscan
View on GitHub
一个介于目录扫描与poc验证之间的新生儿
☆20Dec 6, 2022Updated 3 years ago
wjl110 / CVE-Master
View on GitHub
收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.
☆174Oct 23, 2025Updated 7 months ago
Veraxy00 / SecVulList-Veraxy00
View on GitHub
发布一些我发现的漏洞以及利用脚本。
☆15Jun 29, 2023Updated 2 years ago
iss4cf0ng / Alien
View on GitHub
A C#-based webshell management tool for penetration testing.
☆130Mar 7, 2026Updated 3 months ago
nex121 / ThinkphpGUI
View on GitHub
☆139Sep 25, 2023Updated 2 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
novysodope / AMF_JRMP
View on GitHub
改造一个基于jrmp的AMF反序列化利用工具
☆16Jul 7, 2022Updated 3 years ago
keven1z / simpleIAST
View on GitHub
simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。
☆101Mar 24, 2026Updated 2 months ago
c0olw / NacosRce
View on GitHub
Nacos JRaft Hessian 反序列化 RCE 加载字节码注入内存马不出网利用
☆851Jul 7, 2023Updated 2 years ago
geekmc / FindShell
View on GitHub
内存马查杀工具，尤其针对Agent型，原理是dump出JVM当前的class并进行字节码分析，并加入自动修复的功能
☆179May 10, 2023Updated 3 years ago
ssrsec / EBrute
View on GitHub
exchange接口爆破|邮箱爆破
☆19Sep 19, 2024Updated last year
pojz / zentao-getshell
View on GitHub
禅道认证绕过后台命令执行Getshell
☆13Jan 8, 2025Updated last year
Conan924 / PostHikvision
View on GitHub
哥斯拉Hikvision综合安防后渗透插件，运行中心/web前台/MinIO 配置提取（解密）重置密码,还原密码。
☆174Oct 8, 2024Updated last year
mhtsec / sqlmapcg
View on GitHub
sqlmap命令生成器
☆19Nov 12, 2024Updated last year
AgeloVito / adduserbysamr-bof
View on GitHub
Cobalt Strike BOF that Add a user to localgroup by samr
☆141Nov 30, 2022Updated 3 years ago
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
Lotus6 / JavaGadgetGenerator
View on GitHub
JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
☆571Apr 3, 2026Updated 2 months ago
M0untainShley / CVE-2023-22527-MEMSHELL
View on GitHub
confluence CVE-2023-22527 漏洞利用工具，支持冰蝎/哥斯拉内存马注入，支持设置 http 代理
☆41Apr 24, 2024Updated 2 years ago
qianxiao996 / github-tools
View on GitHub
利用api来查询用户的star，仓库的commits、releases、issus。查询关键字更新
☆12Mar 7, 2021Updated 5 years ago
bcvgh / daydayEXP
View on GitHub
支持自定义Poc文件的图形化漏洞利用工具
☆236Nov 5, 2024Updated last year
xk11z / unauthorized
View on GitHub
常见的未授权漏洞检测
☆273Apr 5, 2025Updated last year
bmth666 / GeoServer-Tools-CVE-2024-36401
View on GitHub
CVE-2024-36401 图形化利用工具，支持各个JDK版本利用以及回显、内存马实现
☆43May 18, 2026Updated 3 weeks ago
crow821 / FakeFlash
View on GitHub
flash钓鱼 flash水坑攻击最新版源码
☆65Feb 10, 2023Updated 3 years ago