基于BurpShiroPassiveScan修改增加了Xray回显链生成
☆56Sep 6, 2022Updated 3 years ago
Alternatives and similar repositories for ShiroScan2
Users that are interested in ShiroScan2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- 使用java编写的CRLF-Injection-burp被动扫描插件☆45Dec 20, 2022Updated 3 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆91Sep 2, 2022Updated 3 years ago
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆66Jul 4, 2024Updated last year
- Assassin是一款精简的基于命令行的webshell管理工具,它有着多种payload发送方式和编码方式,以及精简的payload代码,使得它成为隐蔽的暗杀者,难以被很好的防御。☆124May 17, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- 哥斯拉nacos后渗透插件 maketoken adduser☆150Jul 7, 2023Updated 2 years ago
- CVE-2024-36401 图形化利用工具,支持各个JDK版本利用以及回显、内存马实现☆40Jul 16, 2025Updated 8 months ago
- CVE-2022-30525 Zyxel 防火墙命令注入漏洞 POC&EXPC☆12May 28, 2022Updated 3 years ago
- BurpHttpHelper是一款Burpsuite插件,主要用于简化和解决Burpsuite对Http的一些操作.☆109Jan 22, 2023Updated 3 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆254Jul 12, 2023Updated 2 years ago
- 常用功能的DLL插件☆86Sep 24, 2025Updated 6 months ago
- An improvement over the original Mimikatz wrapper.☆19Aug 11, 2021Updated 4 years ago
- Text4Shell的burp被动扫描插件☆36Dec 29, 2022Updated 3 years ago
- 支持注入内存马和Bypass WAF☆29Dec 12, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆242Nov 25, 2022Updated 3 years ago
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- CVE-2022-22947注入哥斯拉内存马☆28Jun 21, 2023Updated 2 years ago
- 一个用友漏洞检测工具☆29May 15, 2024Updated last year
- Shiro文件上传工具☆102Jun 28, 2023Updated 2 years ago
- jsfind burp插件版☆18May 27, 2022Updated 3 years ago
- Apache Ofbiz CVE-2023-51467 图形化漏洞利用工具☆39Jan 6, 2024Updated 2 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆14Jul 28, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 内存加载shellcode绕过waf☆209Jul 25, 2022Updated 3 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆132Sep 4, 2022Updated 3 years ago
- Java内存马注入工具☆253Apr 8, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- 本工具的定位是快速生成Java安全相关的Payload,如内存马、反序列化链、JNDI url、Fastjson等,动态生成相关Payload,并附带相应的文档。☆94Feb 25, 2025Updated last year
- 一些自己常用的渗透字典☆230Aug 19, 2022Updated 3 years ago
- 收集内存马打入方式☆508May 20, 2022Updated 3 years ago
- 用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc☆125Oct 12, 2024Updated last year
- 用友 nc 系列密码解密☆62Apr 7, 2023Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- SpringFramework 远程代码执行漏洞CVE-2022-22965☆73Apr 1, 2022Updated 4 years ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆277Jan 10, 2023Updated 3 years ago
- 基于dbcp的fastjson rce 回显☆197Jun 28, 2021Updated 4 years ago
- 内存马学习☆172May 29, 2022Updated 3 years ago
- ☆29Feb 2, 2024Updated 2 years ago
- 批量ShiroKey检测爆破工具☆309Jan 4, 2023Updated 3 years ago
- 一个以fuzz为中心思想的被动扫描工具☆160Dec 26, 2023Updated 2 years ago