dem0ns / improper
"运维的锅" - 配置不当造成的漏洞. Docker一键式部署,快速复现。
☆8Updated 4 years ago
Alternatives and similar repositories for improper:
Users that are interested in improper are comparing it to the libraries listed below
- 根据多个不同地区进行聚合查询以获取更多 fofa 数据☆28Updated last year
- jre8u20 gadget☆33Updated 3 years ago
- 对任意http网站添加指定漏洞 目前实现部分漏洞的追加 支持本身http服务 支持反向代理追加☆28Updated 2 years ago
- ☆4Updated 4 years ago
- 通过Whois信息发现更多与目标有关联的域名,扩大攻击面☆14Updated 3 years ago
- bypass 401/403☆13Updated 2 years ago
- gitlab version index☆62Updated 3 years ago
- Celestion 是一个无回显�漏洞测试辅助平台,平台使用flask编写,提供DNSLOG,HTTPLOG等功能。 (界面懒得弄,后续有需要再说)。☆30Updated last year
- ☆49Updated 4 years ago
- 2020年~2021年 网站CMS、中间件、框架系统漏洞集合☆36Updated 4 years ago
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆50Updated 3 years ago
- Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053☆37Updated 2 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 3 years ago
- 子域名接管的几种变体靶场☆23Updated 10 months ago
- 宽字节安全团队的博客☆30Updated 4 years ago
- ☆29Updated 3 years ago
- Ni-nuclei二开☆38Updated last year
- Burp extension to allow you to highlight Repeater tabs.☆10Updated 3 years ago
- awvs-scan 是一款调用 AWVS 13.x API 的自动化工具☆25Updated 2 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆69Updated 4 years ago
- 用于解决awvs和xray联动时url批量导入并扫描的小脚本☆16Updated 4 years ago
- e-mesaage <=4.15 后台jar包上传exp☆47Updated 6 years ago
- 一个解密 Shiro-rememberMe的图形化小工具,支持cbc和gcm。☆25Updated 3 years ago
- 简单记录下自己在挖掘SRC☆32Updated 4 years ago
- Yapi RCE漏洞批量验证与伪交互SHELL☆41Updated 3 years ago
- Fofa Pro Api下载工具☆17Updated 5 years ago
- Spring Cloud Function Spel命令执行漏洞☆38Updated 3 years ago
- 记�录调试分析ysoserial系列的学习过程,主要包含手动构造的一些poc,便于加深对漏洞和工具的理解☆30Updated 4 years ago
- 记录weblogic的一些漏洞原理☆16Updated 3 years ago
- ☆33Updated 2 years ago