W1one / FastJsonAttack
fastjson全版本漏洞利用工具,只支持POST
☆9Updated 4 years ago
Alternatives and similar repositories for FastJsonAttack:
Users that are interested in FastJsonAttack are comparing it to the libraries listed below
- ExpFuzz字典☆21Updated 10 months ago
- java反序列化学习笔记☆15Updated 3 years ago
- 批量处理url链接,获取多级路径并打印☆45Updated last year
- ☆38Updated 4 months ago
- CVE-2022-24990信息泄露+RCE 一条龙☆39Updated 3 years ago
- 用友NC Cloud前台远程命令执行漏洞批量扫描poc、exp,带命令执行回显☆19Updated last year
- 读取dump向日葵&Todesk进程的文件获得连接信息☆13Updated 6 months ago
- 批量无损检测CVE-2022-22965☆37Updated 3 years ago
- burpsuite POST数据包base64编码插件☆16Updated last year
- 一个用于隐藏C2的、开箱即用的反向代理服务器。旨在省去繁琐的配置Nginx服务的过程。☆13Updated 3 years ago
- 自研JavaFX图形化漏洞扫描工具,支持ThinkPHP 2.x RCE,Thinkphp5 5.0.22/5.1.29RCE,ThinkPHP5 5.0.23RCE和ThinkPHP5 SQL注入漏洞和敏感信息泄露漏洞的 漏洞检测,以及命令执行的功能。漏洞POC基本适用Th…☆17Updated 2 years ago
- zip slip☆36Updated 2 years ago
- 基于go语言的帆软报表漏洞检测工具☆14Updated 2 years ago
- 重点系统指纹识别的工具☆34Updated 3 years ago
- Burp-Plugin-study☆16Updated 3 years ago
- druid数据库密码解密☆31Updated 2 years ago
- .NET 执行命令的方法合集☆24Updated 2 years ago
- 内存马生成工具 Tomcat、Weblogic、CMD、Behinder、Godzilla、Suo5......☆23Updated 2 months ago
- 大华智慧园区系统sso_initsession文件上传批量脚本☆21Updated last year
- golang写的批量对目标网站进行截图的小工具,适合目标资产比较多时,快速定位薄弱点。☆32Updated 2 years ago
- Domain penetration automation module one, domain information collection.☆18Updated 2 years ago
- Alibaba Nacos存在默认token.secret.key,导致远程攻击者可以绕过密钥认证接管Nacos☆18Updated 2 years ago
- 某免杀webshell☆19Updated last year
- 泛微OA_V9全版本前台任意文件上传漏洞☆29Updated 3 years ago
- Burp suite 插件 实现参数溢出、垃圾数据、字典笛卡尔积☆27Updated 3 years ago
- ☆36Updated last year
- 蓝凌oa无回显rce漏洞poc脚本Updated 2 years ago
- lineadd 渗透测试字典管理工具, 让字典管理生活轻松一点。Penetration test dictionary management tool, make dictionary management life a little easier.☆27Updated last year
- 获取域控权限方法枚举☆12Updated 2 years ago
- CVE-2021-22205 检测脚本,支持getshell和命令执行☆12Updated 2 years ago