duckpigdog / XMCVE-WebReconView external linksLinks
基于 Chrome Manifest V3 的渗透测试辅助插件,用于快速发现页面输入点、评估 CSP 风险、嗅探潜在敏感资产、识别常见前端框架指纹,并内置常用编码转换工具,帮助进行合法合规的渗透测试与安全检查
☆39Jan 29, 2026Updated 2 weeks ago
Alternatives and similar repositories for XMCVE-WebRecon
Users that are interested in XMCVE-WebRecon are comparing it to the libraries listed below
Sorting:
- 这是一个结合 Burp Suite 扩展插件 和 ProxyPool 爬虫代理 IP 池 的集成方案,用于自动化获取、验证和管理免费代理,实现高效的 HTTP 代理切换。插件支持直接粘贴代理列表或访问 ProxyPool API URL 获取代理,支持 HTTP 和 SOC…☆30Oct 30, 2025Updated 3 months ago
- 为初学者开发的爆破靶场。☆29Nov 28, 2025Updated 2 months ago
- BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…☆22Oct 31, 2025Updated 3 months ago
- 检测host头攻击的Burpsuite被动扫描插件,Burpsuite passive scanning plugin responsible for detecting host header attack☆11Apr 28, 2023Updated 2 years ago
- 用于若依和Jeecg数据库中密码的爆破☆23Jul 19, 2025Updated 6 months ago
- burp解密插件☆10Jun 9, 2023Updated 2 years ago
- Hengge team develops JavaScript specifically for loading Webpack for batch reading☆51Dec 25, 2025Updated last month
- 【NEW】https://github.com/ctfhub-team/base_web_nginx_mysql_php_56 https://github.com/ctfhub-team/base_web_nginx_mysql_php_74☆12Sep 22, 2020Updated 5 years ago
- URLReplayer是一个burp插件,一个用于自动化 API 接口提取、参数解析及批量验证 的 Burp Suite 插件。旨在从 HTTP 响应中快速挖掘未公开的 API 端点并进行有效性测试。☆35Jan 15, 2026Updated last month
- Parsing 是一个 Chrome 插件,选择ai分析当前页面的Js代码,内置提示词,不再需要单拎js。以及信息收集功能,提升渗透测试效率。☆53Jan 28, 2026Updated 2 weeks ago
- xss漏洞挖掘插件☆37Feb 6, 2025Updated last year
- CVE-2023-21839 Python版本☆18Apr 21, 2023Updated 2 years ago
- 符合 OpenForensicRules 数字取证与应急响应信息采集规则格式规范的配置文件仓库☆28Jul 18, 2025Updated 6 months ago
- FastJsonAutoTypeBypass☆16Apr 14, 2021Updated 4 years ago
- antSword的源码和加载器☆14Jan 24, 2023Updated 3 years ago
- burpplugin 根据一遍神贴,实现了一下burp插件版本的小刀,一键生成shell☆14Jul 15, 2019Updated 6 years ago
- 【Hello-CTF labs】一个ssrf的综合靶场,包含RCE,SQL注入,Tomcat,Redis,MySQL提权等ssrf攻击场景☆76Mar 18, 2025Updated 10 months ago
- php-unserialize-lib 是一个根据 php 反序列化工具 PHPGGC 对应编写而来的反序列化靶场,提供 PHPGGC 中大部分反序列化漏洞环境☆39Dec 20, 2023Updated 2 years ago
- 本项目是一个插件项目,用于演示插件的使用方法 快速打造自己的谷歌插件该项目使用 vue2.0 + webpack4.0 + less + es6 + vue-router + vuex + axios + element-ui + chrome-plugin 等其他插件开发…☆15Oct 18, 2023Updated 2 years ago
- 一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接☆17Feb 19, 2023Updated 2 years ago
- 自动化快速评估工具☆28Dec 30, 2025Updated last month
- ctf一键栈溢出、格式化字符串pwn工具/一键pwn利用工具☆17Apr 19, 2025Updated 9 months ago
- Java XMLDecoder payload generator☆16Jul 27, 2021Updated 4 years ago
- A vulnerability has been identified in Docker Desktop. A remote attacker could exploit this vulnerability to trigger security restriction…☆45Dec 7, 2025Updated 2 months ago
- ☆21Jun 29, 2022Updated 3 years ago
- 一个用来提取空间测绘引擎数据的浏览器插件,顺便查备案,支持鹰图,fofa,shadan,quake数据提取☆23Jan 13, 2025Updated last year
- 使用Docker一键制作Vol2取证需要的Profile☆22Aug 31, 2025Updated 5 months ago
- 用于提取Webpack打包的未加载的JavaScript文件,并扫描这些文件以查找敏感信息��。☆38Sep 17, 2025Updated 4 months ago
- xia_Yue 插件修改版,瞎越修改版,修复中文重放乱码,添加请求行越权测试,一键导出越权url,允许重复url测试等功能☆62Jan 5, 2026Updated last month
- OA系统解密小工具☆47Dec 10, 2023Updated 2 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 8 months ago
- ExpFuzz字典☆21May 27, 2024Updated last year
- JavaScript Deconfusion Tool. JavaScript解混淆工具,提供多种解混淆配置,支持自定义模块。☆42Dec 15, 2025Updated 2 months ago
- 一个方便逆向人员进行渗透的 burp 插件☆120Sep 3, 2024Updated last year
- 二开xiasql☆56Jan 8, 2026Updated last month
- 个人输出,经验/思路/想法/总结/. . .☆26Sep 6, 2021Updated 4 years ago
- ☆22Nov 25, 2024Updated last year
- mpass移动开发框架ios端抓包hook脚本☆41Nov 18, 2020Updated 5 years ago
- SpringbootGuiExploit漏洞利用工具测试版☆20Jun 7, 2024Updated last year