该项目收集了很多厂商产品CMS的漏洞环境,以web为主。漏洞环境主要以Dockerfile的文件形式呈现,用户只需一键启动相应漏斗环境,使用项目文章中提供的poc,便可进行复现。
☆69May 2, 2025Updated last year
Alternatives and similar repositories for VulneraLab
Users that are interested in VulneraLab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆126Jan 14, 2025Updated last year
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆579Feb 7, 2026Updated 2 months ago
- Automated mRemoteNG Decrypt Tool☆27Apr 14, 2024Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- 腾讯安全沙龙 一 二 三 期PPT集合☆19May 24, 2025Updated 11 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆16Oct 30, 2022Updated 3 years ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,444Apr 26, 2026Updated last week
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆564Apr 3, 2026Updated last month
- Visual Studio .suo文件反序列化漏洞利用工具☆17Jun 28, 2025Updated 10 months ago
- 记录一些代码审计过的源码☆183Feb 26, 2025Updated last year
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- 基于W01fh4cker大佬的LearnJavaMemshellFromZero从零掌握java内存马的复现重组版本。☆93Jul 7, 2025Updated 9 months ago
- 历史漏洞的细节以及利用方法汇总收集☆164Dec 4, 2024Updated last year
- ☆14Jul 22, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 命令执行写任意文件,主要用于命令执行但不出网情况☆31Sep 9, 2023Updated 2 years ago
- Note driven hacking weaponized vscode project guide. 笔记驱动渗透测试——武器化 vscode 项目指南☆37Jul 18, 2025Updated 9 months ago
- 支持Tomcat内存马查杀的JSP脚本☆66Jun 16, 2025Updated 10 months ago
- 一款Jenkins的综合漏洞利用工具☆468Mar 20, 2024Updated 2 years ago
- A list for Web Security and Code Audit☆1,229Dec 3, 2024Updated last year
- jeecg综合漏洞利用工具☆437Aug 30, 2024Updated last year
- daydayExp的漏洞POC仓库,慢慢更新...☆378Nov 4, 2024Updated last year
- 梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。☆578Mar 21, 2024Updated 2 years ago
- Java bytecode line number restoration tool☆141Aug 31, 2025Updated 8 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件☆371Jun 7, 2024Updated last year
- Vulnerability POC/EXP Collection and Classification☆23Sep 18, 2024Updated last year
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆173Apr 10, 2025Updated last year
- xxl-job内存马☆230Jan 26, 2025Updated last year
- The first Computer Emergency Response (ARK) Tools for young people ;) 年轻人的第一款应急响应(ARK)工具 ;)☆672Oct 21, 2025Updated 6 months ago
- DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red),Alphalog与传统DNSLog不同,更快、更安全。☆458Aug 20, 2025Updated 8 months ago
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆264Feb 15, 2026Updated 2 months ago
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆140Mar 11, 2024Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆420Jan 25, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- nginx WebShell/内存马,更优雅的nignx backdoor☆325Jan 4, 2024Updated 2 years ago
- Some ReadObject Sink With JDBC☆245May 8, 2024Updated last year
- useful-code☆195Mar 8, 2024Updated 2 years ago
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆453Mar 11, 2024Updated 2 years ago
- 入侵痕迹清理/Cleaning up traces of intrusion☆251Nov 6, 2024Updated last year
- IDEA代码审计辅助插件(深信服深蓝实验室天威战队强力驱动)☆584Mar 10, 2025Updated last year
- 让"WAF绕过"变得简单☆435Jan 26, 2025Updated last year