(Deprecated) HQLmap, Automatic tool to exploit HQL injections
☆231Feb 7, 2020Updated 6 years ago
Alternatives and similar repositories for HQLmap
Users that are interested in HQLmap are comparing it to the libraries listed below
Sorting:
- Study about HQL injection exploitation.☆52May 15, 2016Updated 9 years ago
- 用于扫描git,svn泄露☆78Jul 29, 2015Updated 10 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- Deliberately vulnerable web application☆22Jun 18, 2017Updated 8 years ago
- cve-2014-0130 rails directory traversal vuln☆19May 15, 2017Updated 8 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- ☆61Sep 21, 2020Updated 5 years ago
- penetration testing framework that can use socks4/socks5 proxy.☆53Sep 6, 2014Updated 11 years ago
- A lightweight CSRF Toolkit for easy Proof of concept☆172Jun 11, 2014Updated 11 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- Advanced HTTP fingerprinting PoC☆45Mar 27, 2017Updated 8 years ago
- 可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified☆563Apr 20, 2024Updated last year
- `wash` is a framework for creating and interfacing with trojans that can establish a "web shell" on a compromised web server. It is desig…☆31Nov 7, 2016Updated 9 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆166Apr 5, 2019Updated 6 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,721Dec 1, 2024Updated last year
- ☆743Nov 20, 2019Updated 6 years ago
- A framework for creating modular bots/backdoors☆21Jul 27, 2015Updated 10 years ago
- Blind SQL injection exploitation tool written in ruby.☆99Dec 1, 2024Updated last year
- 一个半自动化命令注入漏洞Fuzz工具(One Semi-automation command injection vulnerability Fuzz tool)☆92Sep 28, 2017Updated 8 years ago
- weblogic t3 deserialization rce☆268Jul 13, 2017Updated 8 years ago
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆11Jun 21, 2018Updated 7 years ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,516Jan 21, 2020Updated 6 years ago
- The official repo of BSIS☆14Feb 16, 2012Updated 14 years ago
- Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in full…☆1,272Sep 4, 2022Updated 3 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具☆253May 2, 2020Updated 5 years ago
- based on search engine and get the valid infomation to test the vulnerability☆16Jun 16, 2016Updated 9 years ago
- My collection of exploit development skeletons for fuzzing, overwriting the stack, remote code execution, etc.☆16Mar 19, 2025Updated last year
- Vulnerable Node.js Web Application to pratice with your pentesting skills☆21Apr 29, 2017Updated 8 years ago
- RCE Exploit PoC for XMLDecoder☆63Aug 1, 2013Updated 12 years ago
- SPIP (CMS) Scanner for penetration testing purpose written in Python☆73Aug 29, 2014Updated 11 years ago
- OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web usin…☆163Jan 21, 2021Updated 5 years ago
- IDS Bypass tricks☆122Jan 11, 2019Updated 7 years ago
- 动态多线程敏感信息泄露检测工具☆1,144Dec 17, 2016Updated 9 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,135Dec 16, 2024Updated last year
- Tomcat-Ajp协议文件读取漏洞☆796Mar 3, 2020Updated 6 years ago
- Microsoft Outlook WebAPP Brute☆65May 27, 2014Updated 11 years ago