用于自动搜索 Python 沙箱逃逸、SSTI 攻击链的小工具
☆37Jan 22, 2025Updated last year
Alternatives and similar repositories for dibber
Users that are interested in dibber are comparing it to the libraries listed below
Sorting:
- xsleaks-wiki 中文版☆15May 31, 2022Updated 3 years ago
- 一些总结出来的gadget的flow,后续合适和加入新的flow☆66Dec 6, 2025Updated 2 months ago
- A tool for converting Python source code to opcode(pickle)☆21Aug 18, 2022Updated 3 years ago
- ☆13Nov 30, 2023Updated 2 years ago
- ☆95Sep 2, 2024Updated last year
- 第十七届全国大学生信息安全竞赛创新实践能力赛决赛 - AWDP☆11Jul 20, 2024Updated last year
- 基于多种策略, 对已有 JAR 包中的全限定类名进行变换, 无限生成高度相似的虚假类名☆18Jul 30, 2025Updated 7 months ago
- 自动化的 Python 沙箱逃逸 payload bypass 框架 / Automated Python Sandbox Escape Payload Bypass Framework☆99Dec 24, 2024Updated last year
- Many yaml scanner plugin parser [nuclei-template, xray-poc, ez-poc] - for Python☆13Mar 27, 2022Updated 3 years ago
- ☆16Apr 20, 2023Updated 2 years ago
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆167Apr 10, 2025Updated 10 months ago
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆140Mar 11, 2024Updated last year
- CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段☆276Dec 13, 2024Updated last year
- 关于我在CTF中的所有东西☆423Sep 22, 2025Updated 5 months ago
- ctf awd比赛快速hook java题,提供一键流量转发,无痛修复☆56Mar 17, 2025Updated 11 months ago
- A lab to help you learning SSTI☆121Aug 30, 2023Updated 2 years ago
- 专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF☆1,233Updated this week
- Parallelized enumeration tool for red team engagements and bug bounty programs.☆16Mar 31, 2021Updated 4 years ago
- Send controlled amount of bytes, send msf-pattern, calculate offset, custom buffer, badcharacters all in one.☆15Apr 20, 2024Updated last year
- 一个基于 Vineflower 引擎的多线程 Java 批量反编译工具,支持快速处理大量的 class 文件和 JAR 文件。☆58Apr 28, 2025Updated 10 months ago
- NCTF 2023 challenges and writeups☆15Dec 30, 2023Updated 2 years ago
- ☆25Jul 2, 2024Updated last year
- ☆52Dec 8, 2025Updated 2 months ago
- 某软最新公开gadgegt,新加入不出网利用。☆89Sep 6, 2024Updated last year
- 自写远控,过五引擎/火绒/金山/卡巴/世界,保持更新☆20Jul 28, 2022Updated 3 years ago
- To store some files that I prepared for recommended postgraduate.☆17Jul 25, 2019Updated 6 years ago
- ExprInject / Java表达式注入自动化扫描 / Code By:Tas9er☆42Sep 11, 2025Updated 5 months ago
- 高版本Fastjson在Java原生反序列化中的利用演示☆26Jan 12, 2025Updated last year
- 0xGame 2023 challenges and writeups☆20Nov 7, 2023Updated 2 years ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated 9 months ago
- sql注入bypass waf工具,绕waf fuzz测试工具。☆49Jan 17, 2023Updated 3 years ago
- 添加图标以及版本信息,实现自动化bypass360QVM☆25Jul 16, 2025Updated 7 months ago
- 手把手教你写IAST系列☆24Jan 12, 2024Updated 2 years ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆571Feb 7, 2026Updated 3 weeks ago
- 基于pwntools+angr的简单CTF AMD64 PWN AUTO FUZZ☆54Dec 26, 2024Updated last year
- JWT密码爆破以及生成工具,可以使用字典或者暴力破解JWT,支持多��线程爆破,使用GO语言编写,效率非常高,也可以生成有密码或者没有密码的JWT。☆29Sep 26, 2025Updated 5 months ago
- Official Writeup of SUCTF 2025☆64Feb 25, 2025Updated last year
- RexLeo / ByPassDownLoadFile / Code By:Tas9er / A.E.0.S Security Team☆27May 8, 2025Updated 9 months ago
- Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]☆27Jun 3, 2024Updated last year