该项目收集了很多厂商产品CMS的漏洞环境,以web为主。漏洞环境主要以Dockerfile的文件形式呈现,用户只需一键启动相应漏斗环境,使用项目文章中提供的poc,便可进行复现。
☆67May 2, 2025Updated 10 months ago
Alternatives and similar repositories for VulneraLab
Users that are interested in VulneraLab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆125Jan 14, 2025Updated last year
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆572Feb 7, 2026Updated last month
- Automated mRemoteNG Decrypt Tool☆27Apr 14, 2024Updated last year
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- 腾讯安全沙龙 一 二 三 期PPT集合☆19May 24, 2025Updated 10 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆16Oct 30, 2022Updated 3 years ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,355Mar 4, 2026Updated 3 weeks ago
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆552Dec 7, 2025Updated 3 months ago
- Visual Studio .suo文件反序列化漏洞利用工具☆17Jun 28, 2025Updated 8 months ago
- 记录一些代码审计过的源码☆182Feb 26, 2025Updated last year
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- 基于W01fh4cker大佬的LearnJavaMemshellFromZero从零掌握java内存马的复现重组版本。☆93Jul 7, 2025Updated 8 months ago
- 历史漏洞的细节以及利用方法汇总收集☆165Dec 4, 2024Updated last year
- ☆13Jul 22, 2023Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- 支持Tomcat内存马查杀的JSP脚本☆66Jun 16, 2025Updated 9 months ago
- Note driven hacking weaponized vscode project guide. 笔记驱动渗透测试——武器化 vscode 项目指南☆37Jul 18, 2025Updated 8 months ago
- 命令执行写任意文件,主要用于命令执行但不出网情况☆31Sep 9, 2023Updated 2 years ago
- 东方隐侠团队出品,代码审计skill☆74Feb 25, 2026Updated last month
- 一款Jenkins的综合漏洞利用工具☆462Mar 20, 2024Updated 2 years ago
- A list for Web Security and Code Audit☆1,220Dec 3, 2024Updated last year
- jeecg综合漏洞利用工具☆427Aug 30, 2024Updated last year
- Java bytecode line number restoration tool☆135Aug 31, 2025Updated 6 months ago
- daydayExp的漏洞POC仓库,慢慢更新...☆371Nov 4, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。☆577Mar 21, 2024Updated 2 years ago
- Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件☆370Jun 7, 2024Updated last year
- Vulnerability POC/EXP Collection and Classification☆23Sep 18, 2024Updated last year
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆170Apr 10, 2025Updated 11 months ago
- xxl-job内存马☆227Jan 26, 2025Updated last year
- The first Computer Emergency Response (ARK) Tools for young people ;) 年轻人的第一款应急响应(ARK)工具 ;)☆669Oct 21, 2025Updated 5 months ago
- DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red),Alphalog与传统DNSLog不同,更快、更安全。☆457Aug 20, 2025Updated 7 months ago
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆262Feb 15, 2026Updated last month
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆140Mar 11, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 帆软bi反序列化漏洞利用工具☆416Jan 25, 2025Updated last year
- nginx WebShell/内存马,更优雅的nignx backdoor☆324Jan 4, 2024Updated 2 years ago
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆451Mar 11, 2024Updated 2 years ago
- 入侵痕迹清理/Cleaning up traces of intrusion☆244Nov 6, 2024Updated last year
- useful-code☆194Mar 8, 2024Updated 2 years ago
- 一个多源漏洞情报聚合工具,能够从多个权威安全数据源爬取漏洞信息,去重后生成结构化报告。支持自定义时间范围查询、多格式输出和自动化定时任务。☆29Updated this week