参考《利用分块传输吊打所有WAF》修改的requests的Adapter
☆98Jan 31, 2019Updated 7 years ago
Alternatives and similar repositories for ChunkedHTTPAdapter
Users that are interested in ChunkedHTTPAdapter are comparing it to the libraries listed below
Sorting:
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- ☆41Nov 9, 2018Updated 7 years ago
- dynamic crawler for web vulnerability scanner☆252Mar 4, 2020Updated 5 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆95Feb 10, 2020Updated 6 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- ☆145Jun 20, 2018Updated 7 years ago
- mstsc.exe Path Traversal to RCE POC☆91May 23, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- a mini tool to dump password and NTLM hash from WDigest & MSV1_0 & tspkg, as a result of study of mimikatz☆83Sep 27, 2018Updated 7 years ago
- procfs-based PHP sandbox bypass☆133Sep 19, 2018Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- 修改的SweetPotato,使之可以用于CobaltStrike v4.0☆246Apr 30, 2020Updated 5 years ago
- 渗透测试用到的东东☆428May 6, 2020Updated 5 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- 内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。☆197Nov 11, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- 通过脉脉用户猜测企业邮箱☆238May 7, 2020Updated 5 years ago
- CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统☆187Jun 17, 2020Updated 5 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- CVE-2019-1040 with Exchange☆253Jun 18, 2021Updated 4 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆711May 10, 2021Updated 4 years ago
- 读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。☆221Sep 30, 2019Updated 6 years ago
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- backdoor☆262Jul 26, 2025Updated 7 months ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆357Mar 12, 2020Updated 5 years ago
- 网页相似度判断:根据网页结构判断页面相似性 ,可用于相似度计算、越权检测等(Determine page similarity based on HTML page structure)☆282Jul 27, 2019Updated 6 years ago
- Airbug(空气洞),收集漏洞poc用于安全产品☆354Sep 26, 2019Updated 6 years ago
- A collection of C# tools for various purposes (kerberoasting, tickets, mimikatz, privesc, domain enumeration and more)☆80Aug 12, 2019Updated 6 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆968Jun 16, 2024Updated last year
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- 漏洞利用框架模块分享仓库☆348Oct 8, 2019Updated 6 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆754Dec 2, 2022Updated 3 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆125Jul 17, 2020Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago