M1k0er / SSRF-SCAN

一款被动扫描ssrf的burpsuite插件

☆21

Alternatives and similar repositories for SSRF-SCAN:

Users that are interested in SSRF-SCAN are comparing it to the libraries listed below

ifacker / WIHscan
ARL 灯塔的 WIH 利用
☆23Updated 8 months ago
A0WaQ4 / BurpCRLFScan
使用java编写的CRLF-Injection-burp被动扫描插件
☆45Updated 2 years ago
S9MF / sql-sup
Burp suite 插件实现参数溢出、垃圾数据、字典笛卡尔积
☆27Updated 3 years ago
hanbufei / findUriInjs
一个既可主动，又可被动提取链接的burp插件
☆43Updated 11 months ago
wafinfo / MeterSphere-plugin-Backdoor
支持注入内存马和Bypass WAF
☆29Updated last year
r00tSe7en / URLPath
批量处理url链接，获取多级路径并打印
☆44Updated last year
ggg4566 / PointSearch
备份文件快速扫描工具
☆25Updated 2 years ago
goddemondemongod / god_param
god_param
☆40Updated last year
S9MF / ShiroScan2
基于BurpShiroPassiveScan修改增加了Xray回显链生成
☆54Updated 2 years ago
tangxiaofeng7 / smartscan
burpsuite插件-被动无感识别指纹-主动poc扫描
☆26Updated 6 months ago
sulab999 / JsApiScan
一款扫描js中敏感api的burp插件
☆33Updated last year
Dghpi9 / NacosDefaultToken
Alibaba Nacos存在默认token.secret.key，导致远程攻击者可以绕过密钥认证接管Nacos
☆18Updated 2 years ago
QdghJ / burpsuite-bchecks
bchecks for burpsuite
☆14Updated last year
sincere9 / CVE-2023-22515
Confluence未授权添加管理员用户漏洞利用脚本
☆25Updated last year
J0o1ey / ssrf_proxy
ssrf_proxy
☆13Updated last year
rambleZzz / jmxbfGUI
jmx未授权访问弱口令批量检测 GUI工具
☆31Updated last year
A0WaQ4 / BurpText4ShellScan
Text4Shell的burp被动扫描插件
☆36Updated 2 years ago
lu2ker / ApiHelper
一款BurpSuite插件，辅助手工测试
☆72Updated last year
xzajyjs / SpringBoot-whitelabel-error-rce-EXP
Spring Boot whitelabel error page SpEL rce EXP
☆13Updated 9 months ago
tyB-or / upload_dict_fuzz
文件上传字典-轻量化
☆17Updated 2 years ago
chroblert / JC-AntiToken
burp插件：python版，token防重放绕过
☆20Updated 4 years ago
BambiZombie / QRPhish
二维码钓鱼
☆31Updated last year
ScorpionsMAX / CVE-2021-43798-Grafana-POC
CVE-2021-43798 Grafana 任意文件读取漏洞 POC+参数
☆14Updated 3 years ago
M0ge / CNVD-2021-49104-Fanwei-Eoffice-fileupload
泛微eoffice最新文件上传漏洞POC，基于2个接口自动检测
☆16Updated 3 years ago
winezer0 / burp-wildcard-plus
burpsuite wildcard 插件维护分支
☆1Updated 2 years ago
Str1am / Auto_JsFinder
☆19Updated 2 years ago
winezer0 / CrackCaptchaLoginPlus
基于Java内嵌浏览器的登录枚举测试工具(支持验证码)
☆9Updated 2 weeks ago
tangxiaofeng7 / CVE-2022-22965-Spring-Core-Rce
批量无损检测CVE-2022-22965
☆37Updated 2 years ago
damit5 / cdnCheck_go
快速批量判断目标列表是否存在CDN
☆27Updated last year
i11us0ry / tools-gophish
gophish批量操作，适用于大批量钓鱼演练
☆30Updated 3 years ago