参考《利用分块传输吊打所有WAF》修改的requests的Adapter
☆98Jan 31, 2019Updated 7 years ago
Alternatives and similar repositories for ChunkedHTTPAdapter
Users that are interested in ChunkedHTTPAdapter are comparing it to the libraries listed below
Sorting:
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- ☆41Nov 9, 2018Updated 7 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆95Feb 10, 2020Updated 6 years ago
- a mini tool to dump password and NTLM hash from WDigest & MSV1_0 & tspkg, as a result of study of mimikatz☆83Sep 27, 2018Updated 7 years ago
- dynamic crawler for web vulnerability scanner☆252Updated this week
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆166Apr 5, 2019Updated 6 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- mstsc.exe Path Traversal to RCE POC☆91May 23, 2019Updated 6 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- 内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。☆198Nov 11, 2019Updated 6 years ago
- ☆146Jun 20, 2018Updated 7 years ago
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- LANGZI_SRC_安全巡航 ��是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- procfs-based PHP sandbox bypass☆133Sep 19, 2018Updated 7 years ago
- 修改的SweetPotato,使之可以用于CobaltStrike v4.0☆246Apr 30, 2020Updated 5 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- Airbug(空气洞),收集漏洞poc用于安全产品☆355Sep 26, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- 渗透测试用到的东东☆428May 6, 2020Updated 5 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆712May 10, 2021Updated 4 years ago
- CVE-2019-1040 with Exchange☆253Jun 18, 2021Updated 4 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆757Dec 2, 2022Updated 3 years ago
- CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统☆187Jun 17, 2020Updated 5 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆125Jul 17, 2020Updated 5 years ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆357Mar 12, 2020Updated 6 years ago
- 网页相似度判断:根据网页结构判断页面相似性 ,可用于相似度计算、越权检测等(Determine page similarity based on HTML page structure)☆282Jul 27, 2019Updated 6 years ago
- 全自动搜索互联网漏洞☆132Aug 17, 2019Updated 6 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- 一款快速修改HTTP数据包头的Burp Suite插件☆254Oct 10, 2018Updated 7 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- 读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。☆221Sep 30, 2019Updated 6 years ago
- RMI 反序列化环境 一步步☆213Aug 31, 2020Updated 5 years ago
- backdoor☆262Jul 26, 2025Updated 7 months ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆229Oct 12, 2022Updated 3 years ago