ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
☆217Aug 17, 2017Updated 8 years ago
Alternatives and similar repositories for dnsAutoRebinding
Users that are interested in dnsAutoRebinding are comparing it to the libraries listed below
Sorting:
- A simple dns resolver of dns-record and web-record log server for pentesting☆132Nov 7, 2017Updated 8 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- GitLeak 是一个从 Github 上查找密码信息的小工具☆128May 15, 2018Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆297Jun 10, 2019Updated 6 years ago
- 从shodan获取使用了相同favicon.ico的网站☆189Feb 16, 2019Updated 7 years ago
- dynamic crawler for web vulnerability scanner☆252Mar 4, 2020Updated 5 years ago
- 一个半自动化命令注入漏洞Fuzz工具(One Semi-automation command injection vulnerability Fuzz tool)☆92Sep 28, 2017Updated 8 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆220Feb 19, 2026Updated last week
- Will to be a niubility scan-framework☆519Jul 1, 2025Updated 8 months ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具☆253May 2, 2020Updated 5 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- 这是一个实验性的PHP扩展,加载这个扩展后,每次请求将可以执行一段自己的PHP代码。☆198Oct 22, 2018Updated 7 years ago
- Feigong,针对各种情况自由变化的mysql注入脚本,In view of the different things freely change the mysql injection script☆107Jan 24, 2017Updated 9 years ago
- ☆404Feb 28, 2020Updated 6 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- a passive scanner based on Mitmproxy and Arachni☆108Aug 17, 2017Updated 8 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- a fast domain brute tool☆414Mar 2, 2018Updated 7 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- some java code i met or i used☆29May 7, 2019Updated 6 years ago
- F-Scrack is a single file bruteforcer supports multi-protocol☆310Sep 5, 2017Updated 8 years ago
- Code-Audit-Challenges☆990Nov 17, 2018Updated 7 years ago
- 用于扫描git,svn泄露☆78Jul 29, 2015Updated 10 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- flash 劫持轮子,CSRF,劫持,跳转,swf 有需求可以提issues ,src挖掘,劫持response☆86Nov 9, 2019Updated 6 years ago
- 被动式漏洞扫描系统☆873Nov 1, 2017Updated 8 years ago
- luna webscanner☆289Dec 6, 2023Updated 2 years ago
- CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability☆332Dec 30, 2018Updated 7 years ago
- 做过的实验,踩过的坑☆40Jun 7, 2018Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆95Feb 10, 2020Updated 6 years ago
- Java every minor versions.☆74Apr 19, 2023Updated 2 years ago
- ☆145Jun 20, 2018Updated 7 years ago
- Enumeration sub domains(枚举子域名)☆1,066Dec 1, 2021Updated 4 years ago
- QAQ Just study unserialize vulnerabilities in Java :)☆196Aug 22, 2018Updated 7 years ago
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告☆107Dec 13, 2017Updated 8 years ago