该项目收集了很多厂商产品CMS的漏洞环境,以web为主。漏洞环境主要以Dockerfile的文件形式呈现,用户只需一键启动相应漏斗环境,使用项目文章中提供的poc,便可进行复现。
☆69May 2, 2025Updated last year
Alternatives and similar repositories for VulneraLab
Users that are interested in VulneraLab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆127Jan 14, 2025Updated last year
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆586Feb 7, 2026Updated 3 months ago
- Automated mRemoteNG Decrypt Tool☆27Apr 14, 2024Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- 腾讯安全沙龙 一 二 三 期PPT集合☆19May 24, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆16Oct 30, 2022Updated 3 years ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,465Apr 26, 2026Updated 3 weeks ago
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆569Apr 3, 2026Updated last month
- Visual Studio .suo文件反序列化漏洞利用工具☆17Jun 28, 2025Updated 10 months ago
- 记录一些代码审计过的源码☆183Feb 26, 2025Updated last year
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated 2 years ago
- 基于W01fh4cker大佬的LearnJavaMemshellFromZero从零掌握java内存马的复现重组版本。☆93Jul 7, 2025Updated 10 months ago
- 历史漏洞的细节以及利用方法汇总收集☆166Dec 4, 2024Updated last year
- ☆14Jul 22, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- 命令执行写任意文件,主要用于命令执行但不出网情况☆31Sep 9, 2023Updated 2 years ago
- Note driven hacking weaponized vscode project guide. 笔记驱动渗透测试——武器化 vscode 项目指南☆37Jul 18, 2025Updated 10 months ago
- A list for Web Security and Code Audit☆1,237Dec 3, 2024Updated last year
- 一款Jenkins的综合漏洞利用工具☆469Mar 20, 2024Updated 2 years ago
- 支持Tomcat内存马查杀的JSP脚本☆67Jun 16, 2025Updated 11 months ago
- jeecg综合漏洞利用工具☆440Aug 30, 2024Updated last year
- daydayExp的漏洞POC仓库,慢慢更新...☆378Nov 4, 2024Updated last year
- 梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。☆578Mar 21, 2024Updated 2 years ago
- Java bytecode line number restoration tool☆142Aug 31, 2025Updated 8 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件☆373Jun 7, 2024Updated last year
- Vulnerability POC/EXP Collection and Classification☆23Sep 18, 2024Updated last year
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆173Apr 10, 2025Updated last year
- xxl-job内存马☆232Jan 26, 2025Updated last year
- The first Computer Emergency Response (ARK) Tools for young people ;) 年轻人的第一款应急响应(ARK)工具 ;)☆673Oct 21, 2025Updated 7 months ago
- DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red),Alphalog与传统DNSLog不同,更快、更安全。☆458Aug 20, 2025Updated 9 months ago
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆263Feb 15, 2026Updated 3 months ago
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆141Mar 11, 2024Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆424Jan 25, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- nginx WebShell/内存马,更优雅的nignx backdoor☆326Jan 4, 2024Updated 2 years ago
- Some ReadObject Sink With JDBC☆246May 8, 2024Updated 2 years ago
- useful-code☆195Mar 8, 2024Updated 2 years ago
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆452Mar 11, 2024Updated 2 years ago
- 入侵痕迹清理/Cleaning up traces of intrusion☆250Nov 6, 2024Updated last year
- IDEA代码审计辅助插件(深信服深蓝实验室天威战队强力驱动)☆584Mar 10, 2025Updated last year
- 让"WAF绕过"变得简单☆437Jan 26, 2025Updated last year