c0ny1 / xxe-lab
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
☆787Updated 2 years ago
Alternatives and similar repositories for xxe-lab:
Users that are interested in xxe-lab are comparing it to the libraries listed below
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆956Updated 8 months ago
- 上传漏洞fuzz字典生成脚本☆1,244Updated 3 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆732Updated 2 years ago
- SvnExploit支持SVN源代码泄露全版本Dump源码☆971Updated 2 years ago
- 从wooyun中提取的payload,以及burp插件☆844Updated 2 years ago
- XssPayload List . Usage:☆716Updated 5 years ago
- Burpsuite-Plugins-Usage☆508Updated 4 years ago
- Burp被动扫描流量转发插件☆1,420Updated 8 months ago
- Burp suite 分块传输辅助插件☆1,958Updated 2 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆980Updated 3 years ago
- MSSQL注入提权,bypass的一些总结☆720Updated 7 months ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,192Updated 3 years ago
- bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)☆1,143Updated 3 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,189Updated last year
- 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。☆494Updated last year
- Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势☆1,369Updated 3 years ago
- sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件☆762Updated 5 years ago
- thinkphp v5.x 远程代码执行漏洞-POC集合☆1,130Updated 6 years ago
- myscan 被动扫描☆659Updated 3 years ago
- 这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。☆1,142Updated 5 years ago
- PoCBox - Vulnerability Test Aid Platform☆953Updated 10 months ago
- ☆404Updated 4 years ago
- Apache Shiro 反序列化漏洞检测与利用工具☆527Updated 5 years ago
- 一款基于BurpSuite的被动式shiro检测插件☆1,706Updated 2 years ago
- 代码审计相关的一些知识☆418Updated 7 months ago
- 日常src平台域名收集☆590Updated 5 years ago
- Weblogic环境搭建工具☆774Updated 4 years ago
- Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。☆631Updated 4 years ago
- 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具☆724Updated last year
- Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测☆511Updated 4 years ago