A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
☆657Apr 7, 2022Updated 3 years ago
Alternatives and similar repositories for spring4shell-scan
Users that are interested in spring4shell-scan are comparing it to the libraries listed below
Sorting:
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,436Nov 23, 2022Updated 3 years ago
- SpringScan 漏洞检测 Burp插件☆605Nov 14, 2023Updated 2 years ago
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆830Aug 4, 2023Updated 2 years ago
- CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks☆841Jun 13, 2023Updated 2 years ago
- Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。☆1,273Jul 2, 2025Updated 7 months ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆1,397Dec 16, 2021Updated 4 years ago
- Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描☆1,115Sep 16, 2023Updated 2 years ago
- 🚀 一款为了学习go而诞生的漏洞利用工具☆450Jun 14, 2022Updated 3 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,467Apr 25, 2024Updated last year
- 冰蝎 哥斯拉 WebShell bypass☆763Jan 15, 2026Updated last month
- 项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。☆1,897Jan 15, 2024Updated 2 years ago
- OAExploit一款基于产品的一键扫描工具。☆1,482Sep 20, 2022Updated 3 years ago
- 新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool☆498Oct 9, 2022Updated 3 years ago
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,379Apr 10, 2024Updated last year
- JAVA 插件化漏洞扫描器,Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。☆542Nov 20, 2023Updated 2 years ago
- fast scan for redtools☆880Mar 23, 2022Updated 3 years ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,433May 21, 2024Updated last year
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆124May 14, 2021Updated 4 years ago
- Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点☆2,137Jan 29, 2024Updated 2 years ago
- POC for VMWARE CVE-2022-22954☆282Apr 13, 2022Updated 3 years ago
- APIKit:Discovery, Scan and Audit APIs Toolkit All In One.☆2,239Apr 2, 2024Updated last year
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks☆950Jan 15, 2022Updated 4 years ago
- EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具☆3,438Apr 2, 2024Updated last year
- 一款基于BurpSuite的被动式shiro检测插件☆1,795Dec 14, 2022Updated 3 years ago
- 各种工具指纹收集分享☆529Nov 3, 2021Updated 4 years ago
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,360Jun 9, 2023Updated 2 years ago
- Nuclei plugin for BurpSuite☆1,322Oct 22, 2025Updated 4 months ago
- 六大云存储,泄��露利用检测工具☆1,241Mar 28, 2025Updated 11 months ago
- OA综合利用工具,集合将近20款OA漏洞批量扫描☆1,340Oct 28, 2023Updated 2 years ago
- 数据库综合利用工具☆544Feb 16, 2022Updated 4 years ago
- MDUT - Multiple Database Utilization Tools☆2,190Sep 22, 2023Updated 2 years ago
- 开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)☆1,625Oct 10, 2023Updated 2 years ago
- 红队工具:各大OA利用工具,万户、致远、通达等☆259Jul 23, 2021Updated 4 years ago
- 一款针对向日葵的识别码和验证码提取工具☆922Nov 1, 2021Updated 4 years ago
- 一款基于BurpSuite的被动式FastJson检测插件☆1,238Oct 1, 2022Updated 3 years ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,200Jul 25, 2023Updated 2 years ago
- WSO2 RCE (CVE-2022-29464) exploit and writeup.☆377Apr 27, 2022Updated 3 years ago
- 高危漏洞精准检测与深度利用框架☆1,456Jan 8, 2023Updated 3 years ago