Marven11 / Fenjing
专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF
☆604Updated this week
Related projects: ⓘ
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF☆179Updated last month
- Deployment template for docker target machine in ctf for CTFd and other platforms that support dynamic flags☆218Updated last month
- 一款针对CTF竞赛MISC的工具~☆374Updated 3 weeks ago
- 一款用于自动化处理内存取证的Python脚本,并提供GUI界面☆278Updated 7 months ago
- ☆1,315Updated this week
- 实战沉淀字典☆1,153Updated last month
- AoiAWD-专为比赛设计,便携性好,低权限运行的EDR系统。☆951Updated last month
- 基于Memprocfs和Volatility的可视化内存取证工具☆217Updated last month
- dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标☆1,005Updated last month
- vulntarget靶场系列☆682Updated 3 months ago
- CTF-NetA是一款专门针对CTF比赛的网络流量分析工具,可以对常见的网络流量进行分析,快速自动获取flag。☆180Updated last month
- Linux权限维持☆642Updated 3 weeks ago
- 自动爆破PNG图片宽高并一键修复工具☆171Updated last month
- 从零学习AWD比赛指导手册以及AWD脚本整理☆383Updated 2 weeks ago
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)☆1,532Updated 10 months ago
- 记录实战中的各种sql注入绕过姿势☆616Updated 2 years ago
- xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。☆926Updated last year
- Automatically Collect POC or EXP from GitHub by CVE ID. If you are unable to find the POC/EXP on GitHub, you can also check here: https:…☆906Updated this week
- 目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别☆702Updated last year
- CTF🚩 AWD (Attack with Defense) 线下赛平台 / AWD platform - 欢迎 Star~ ✨☆894Updated 5 months ago
- ☆841Updated 3 months ago
- A powerful PHP WAF for AWD☆638Updated 2 months ago
- 哥斯拉webshell管理工具二次开发规避流量检测设备☆774Updated last month
- ☆319Updated last year
- 猫猫Cs:基于Cobalt Strike[4.5]二开 (原dogcs二开移植)☆922Updated 2 months ago
- OA漏洞利用工具☆973Updated 2 months ago
- MDUT - Multiple Database Utilization Tools☆1,938Updated 11 months ago
- A list for Web Security and Code Audit☆890Updated last month
- 针对CTF线下赛的通用WAF,日志审计功能。☆256Updated last year
- 收集、整理、修改互联网上公开的漏洞POC☆794Updated last month