Marven11 / Fenjing
专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF
☆932Updated this week
Alternatives and similar repositories for Fenjing:
Users that are interested in Fenjing are comparing it to the libraries listed below
- vulhub Vulnerability Reproduction Designated Platform☆1,448Updated 3 weeks ago
- CTF-NetA是一款专门针对CTF比赛的网络流量分析工具,可以对常见的网络流量进行分析,快速自动获取flag。☆531Updated this week
- Deployment template for docker target machine in ctf for CTFd and other platforms that support dynamic flags☆301Updated last month
- 一款针对CTF竞赛MISC的工具~☆466Updated 5 months ago
- 实战沉淀字典☆1,367Updated last week
- OA漏洞利用工具☆1,275Updated 2 months ago
- dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标☆1,359Updated 8 months ago
- AoiAWD-专为比赛设计,便携性好,低权限运行的EDR系统。☆1,021Updated 8 months ago
- vulntarget靶场系列☆792Updated 10 months ago
- a rep for documenting my study, may be from 0 to 0.1☆2,049Updated 3 months ago
- 基于Memprocfs和Volatility的可视化内存取证工具☆857Updated this week
- 备份的漏洞库,3月开始我们来维护☆896Updated this week
- 收集、整理、修改互联网上公开的漏洞POC☆910Updated 3 weeks ago
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,067Updated last month
- 蓝队分析研判工具箱,功能包括内存马反编译分析、各种代码格式化、网空资产测绘功能、溯源辅助、解密冰蝎流量、解密哥斯拉流量、解密Shiro/CAS/Log4j2的攻击payload、IP/端口连接分析、各种编码/解码功能、蓝队分析常用网址、java反序列化数据包分析、Java类…☆1,339Updated last month
- xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。☆1,060Updated last year
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF☆229Updated 8 months ago
- 目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别☆770Updated last year
- ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。☆1,423Updated last month
- ☆36Updated last month
- 攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。☆1,195Updated 6 months ago
- Automatically Collect POC or EXP from GitHub by CVE ID.☆1,008Updated this week
- 一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.☆1,857Updated this week
- MDUT - Multiple Database Utilization Tools☆2,102Updated last year
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)☆1,666Updated last year
- Linux权限维持☆717Updated 7 months ago
- 一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.☆1,856Updated 3 months ago
- 【Hello-CTF labs】一个想帮你收集所有RCE技巧的靶场。☆228Updated last week
- An integrated BurpSuite vulnerability detection plug-in.☆1,235Updated 7 months ago
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,241Updated 9 months ago