******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-013、struts2-016、struts2-019、struts2-020、struts2-devmode、 struts2-032、struts2-033、struts2-037、struts2-045、struts2-048、struts2-052 除struts2-053全部RCE漏洞验证并支持批量验证。 Struts2漏洞验证需要python环境并需要相关类库支持.点击python按钮初始化初始化python…
☆108Oct 22, 2017Updated 8 years ago
Alternatives and similar repositories for burplugin-java-rce
Users that are interested in burplugin-java-rce are comparing it to the libraries listed below
Sorting:
- More Easier Burp Extension To Solve Javascript Front End Encryption,一款更易使用的解决前端加密问题的Burp插件。☆46Apr 15, 2020Updated 5 years ago
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- 一款高效的参数fuzz工具|A faster param fuzzing test tool☆103Nov 8, 2020Updated 5 years ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆357Mar 12, 2020Updated 5 years ago
- 资产扫描工具☆45Sep 1, 2020Updated 5 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- 通用的指纹识别规则☆371Dec 2, 2022Updated 3 years ago
- 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。☆501Jan 30, 2024Updated 2 years ago
- Redis RCE 的几种方法☆90Jun 5, 2024Updated last year
- 对公网IP列表进行端口服务扫描,发现周期内的端口服务变化情况和弱口令安全风险☆608Apr 12, 2021Updated 4 years ago
- This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs.☆18Apr 24, 2019Updated 6 years ago
- Website Sensitive Personal Information Hunter 网站个人敏感信息文件扫描器☆216Jul 9, 2022Updated 3 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 3 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆968Jun 16, 2024Updated last year
- 可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified☆562Apr 20, 2024Updated last year
- Nmap扫描、漏洞利用脚本☆339May 7, 2019Updated 6 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- A BurpSuite extension written by Python,used to find API interface in JS file.☆114Mar 13, 2023Updated 2 years ago
- Burpsuite HTTP 插件,主要用于内网测试,可定制Content-Type和Response Content☆24Jul 2, 2018Updated 7 years ago
- Python2编写的struts2漏洞全版本检测和利用工具☆1,419May 7, 2019Updated 6 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- autoType enable☆36Sep 21, 2019Updated 6 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,388Dec 16, 2022Updated 3 years ago
- win内网_域控安全☆364May 14, 2019Updated 6 years ago
- 解密好的AWVS10.5 data/script/目录下的脚本☆267Nov 11, 2017Updated 8 years ago
- Airbug(空气洞),收集漏洞poc用于安全产品☆354Sep 26, 2019Updated 6 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆988Mar 4, 2021Updated 4 years ago
- 资产探测工具,检测存活,检测风险端口,常规端口,全端口探测等等,对探测的端口的脆弱面进行安全分析进行☆438May 22, 2023Updated 2 years ago
- 修改的SweetPotato,使之可以��用于CobaltStrike v4.0☆246Apr 30, 2020Updated 5 years ago
- 记录自己编写、修改的部分工具☆1,461Oct 19, 2025Updated 4 months ago
- Collection of tested Cobaltstrike aggressor scripts.☆118Mar 16, 2020Updated 5 years ago
- Tomcat-Ajp协议文��件读取漏洞☆797Mar 3, 2020Updated 5 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆95Feb 10, 2020Updated 6 years ago
- CVE-2020-2546,CVE-2020-2915 CVE-2020-2801 CVE-2020-2798 CVE-2020-2883 CVE-2020-2884 CVE-2020-2950 WebLogic T3 payload exploit poc pyth…☆133Mar 5, 2023Updated 2 years ago
- Fake框架的自动化Fuzz WAF/IDS 功能☆84Sep 19, 2019Updated 6 years ago
- Redis 4.x/5.x RCE☆975Nov 30, 2021Updated 4 years ago
- 一个用于前端加密Fuzz的Burp Suite插件☆1,059Mar 6, 2020Updated 5 years ago
- Nmap&Zmap特征识别,绕过IDS探测☆329Aug 1, 2019Updated 6 years ago
- A chrome extension use to find leak file and backup file.☆193Aug 31, 2021Updated 4 years ago