chain00x / authbypass

Related projects: ⓘ

• expzhizhuo / iotscan-web
  这是一个基于vue3+element-plus+vite4+pinia开发一个资产测绘平台+漏洞扫描的前端项目，提供多种自定义的开发，如果你的扫描器或资产测绘平台不追求UI仅仅是为了快速开发，可以参考此项目。
  ☆62Updated 3 months ago
• Aur0ra-m / Autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆27Updated 9 months ago
• InsBug / ARLtoAWVS
  ARL与AWVS联动，实现自动化扫描并推送结果
  ☆15Updated 2 months ago
• wgpsec / EndpointSearch
  EndpointSearch 是一个探测云服务端点的扫描器。Endpoint Search is a sophisticated reconnaissance utility designed to discreetly identify and enumerate end…
  ☆64Updated last month
• Esonhugh / public-nuclei-template
  Esonhugh self-maintained-nuclei-templates public version. Use this as ~/nuclei-templates/local/esonhugh-public-nuclei, nuclei will add au…
  ☆58Updated 6 months ago
• Maskhe / BugBountyNotes
  简单记录下自己在挖掘SRC
  ☆31Updated 3 years ago
• Luci4n555 / ApiFuzzDictionary
  红队API接口Fuzz字典，WEB安全，渗透测试，API，字典
  ☆40Updated 4 months ago
• winezer0 / knife-plus
  burpsuite knife插件维护分支（2024持续更新中）
  ☆5Updated 3 months ago
• dreamncn / CustomCrypto
  Burp自定义加解密插件
  ☆54Updated 11 months ago
• test502git / Hosts_scanV2
  这是一个用于IP和域名碰撞匹配访问的小工具优化版，能减少碰撞中出来的误报，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆45Updated 2 years ago
• leveryd-asm / asm
  Scanner platform based on Kubernetes and Argo-Workflow 基于k8s和argo工作流的扫描器
  ☆106Updated 9 months ago
• 7coinSec / ThinkPhp6LangRceTools
  ☆36Updated last year
• a6903147 / FingerVulnScanner
  识别指纹后进行对应cms的漏洞扫描
  ☆18Updated 3 weeks ago
• damit5 / cdnCheck_go
  快速批量判断目标列表是否存在CDN
  ☆25Updated 8 months ago
• 0xf4n9x / Zentao-Captcha-RCE
  禅道研发项目管理系统`misc-captcha-user`认证绕过后台命令注入漏洞
  ☆80Updated last year
• HackAllSec / FuzzDict
  经过优化的渗透测试Payload字典、Fuzz Payload字典。Penetration testing Payload dictionary, Fuzzy Payload dictionary
  ☆29Updated 2 months ago
• cyal1 / host_scan
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
  ☆113Updated 2 years ago
• ShangRui-hash / bucket-takeover-lab
  子域名接管的几种变体靶场
  ☆22Updated 2 months ago
• HackJava / JNDI
  《JNDI-深入理解Java万恶之源》
  ☆38Updated 10 months ago
• Hypdncy / BurpUnExInfo
  一种收集敏感信息的Burp插件
  ☆31Updated 2 years ago
• GhostTroops / ksubdomain
  子域名爆破，增加了智能爬虫功能
  ☆57Updated 5 months ago
• Co5mos / nuclei-tps
  ☆32Updated this week
• Mr-xn / thinkphp_lang_RCE
  about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
  ☆38Updated last year
• dahezhiquan / CharcoalFire
  炭火，渗透测试全流程工具
  ☆23Updated 2 months ago
• VVeakee / auth-analyzer-plus
  ☆22Updated 2 years ago
• k3rwin / log4j2-intranet-scan
  log4j2内网扫描
  ☆51Updated 2 years ago
• smallfox233 / ExpToPocsuite3
  goby exp批量转换为pocsuite3 exp脚本
  ☆15Updated last year
• pmiaowu / BurpHttpForwardRequests
  burp-http请求转发至其他模块的插件
  ☆75Updated 4 years ago
• wjlin0 / CVE-2024-23897
  CVE-2024-23897 - Jenkins 任意文件读取 利用工具
  ☆67Updated 6 months ago
• fuyoumingyan / auto
  ☆24Updated this week
• akkuman / HunterApi
  奇安信的网络空间测绘引擎 hunter 的 api 查询导出工具
  ☆70Updated 2 years ago