Burp suite 的插件集合
☆241Mar 13, 2021Updated 5 years ago
Alternatives and similar repositories for BurpExtender
Users that are interested in BurpExtender are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 基于Burp插件开发打造渗透测试自动化☆420Dec 7, 2021Updated 4 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆775Jan 26, 2022Updated 4 years ago
- 新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool☆500Oct 9, 2022Updated 3 years ago
- 各种数据库的利用姿势☆1,036Jan 3, 2025Updated last year
- 红队常用命令速查☆1,026Mar 17, 2026Updated 3 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Banli-高危资产识别和高危漏洞扫描☆457Apr 10, 2023Updated 3 years ago
- 备份文件扫描,并自动进行下载☆129Jul 26, 2023Updated 2 years ago
- 🚀 一款为了学习go而诞生的漏洞利用工具☆450Jun 14, 2022Updated 4 years ago
- 输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具,另支持cdn识别、网 页截图、站点定位;动态识别域名并添加功能、工具超时中断等☆809Mar 13, 2024Updated 2 years ago
- 内网域渗透小工具☆733Apr 20, 2021Updated 5 years ago
- Burp被动扫描流量转发插件☆1,463Jun 17, 2024Updated 2 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方 案。☆126May 14, 2021Updated 5 years ago
- 域控安全one for all☆740Sep 9, 2024Updated last year
- 面向HW的红队半自动扫描器☆227Dec 16, 2021Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,056Oct 7, 2022Updated 3 years ago
- Java编写,Python作为辅助依赖的漏洞验证、利用工具,添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块,加快测试效率☆761Feb 25, 2024Updated 2 years ago
- Shiro-550 不依赖CC链利用工具☆449Jun 19, 2024Updated 2 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,016May 21, 2024Updated 2 years ago
- 用于host碰撞而生的小工具,专门检测渗透中需要绑定hosts才能访问的主机或内部系统☆680Jun 13, 2024Updated 2 years ago
- 一些关于渗透测试的Tips☆612Dec 19, 2022Updated 3 years ago
- 一款基于BurpSuite的被动式FastJson检测插件☆1,249Oct 1, 2022Updated 3 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆634Apr 4, 2021Updated 5 years ago
- 数据库综合利用工具☆545Feb 16, 2022Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 一款基于burp的反射xss检测插件☆154Dec 1, 2021Updated 4 years ago
- 攻防演习/渗透 测试资产处理小工具,对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。☆634Jun 19, 2024Updated 2 years ago
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆835Aug 4, 2023Updated 2 years ago
- Lateral Movement☆940Mar 24, 2026Updated 3 months ago
- Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点 资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。☆1,011Jan 26, 2022Updated 4 years ago
- SpringScan 漏洞检测 Burp插件☆607Nov 14, 2023Updated 2 years ago
- 大宝剑-边界资产梳理工具(红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配)☆924Feb 8, 2022Updated 4 years ago
- 主流供应商的一些攻击性漏洞汇总☆804Nov 8, 2021Updated 4 years ago
- 域渗透脑图中文翻译版☆279Sep 18, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Fastjson姿势技巧集合☆1,850Oct 20, 2023Updated 2 years ago
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,324Jun 29, 2024Updated 2 years ago
- BurpBounty 魔改版本☆417Mar 21, 2022Updated 4 years ago
- 开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)☆1,628Oct 10, 2023Updated 2 years ago
- 一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具☆1,725Dec 22, 2023Updated 2 years ago
- Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。☆693Jan 4, 2021Updated 5 years ago
- 获取 alibaba druid 一些 sessions , sql , urls☆324Apr 4, 2025Updated last year