This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
☆1,004Apr 9, 2026Updated this week
Alternatives and similar repositories for tsunami-security-scanner-plugins
Users that are interested in tsunami-security-scanner-plugins are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,561Updated this week
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 5 years ago
- A powerful browser crawler for web vulnerability scanners☆3,026Mar 11, 2025Updated last year
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,551Mar 21, 2026Updated 3 weeks ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆12,157Updated this week
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Advanced vulnerability scanning with Nmap NSE☆3,735Feb 6, 2026Updated 2 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,170May 26, 2023Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,419Mar 26, 2026Updated 2 weeks ago
- In-depth attack surface mapping and asset discovery☆14,398Apr 7, 2026Updated last week
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 4 years ago
- Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…☆4,275Apr 4, 2021Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- ☆2,666Mar 5, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automated Adversary Emulation Platform☆6,886Updated this week
- Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabil…☆1,315May 22, 2025Updated 10 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,794Apr 26, 2024Updated last year
- A malicious LDAP server for JNDI injection attacks☆1,078Sep 28, 2023Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,793Apr 6, 2026Updated last week
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆676Oct 29, 2025Updated 5 months ago
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,621Updated this week
- ☆421Jan 5, 2022Updated 4 years ago
- Resources related to GitHub Security Lab☆1,594Dec 2, 2025Updated 4 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Java RCE 回显测试代码☆1,017Oct 15, 2020Updated 5 years ago
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆7,561Oct 16, 2025Updated 5 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,896Updated this week
- ☆1,197Jan 21, 2026Updated 2 months ago
- Main Sigma Rule Repository☆10,309Apr 1, 2026Updated last week
- ☆836Jun 7, 2022Updated 3 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,697Mar 14, 2024Updated 2 years ago
- Open Source Vulnerability Management Platform☆6,330Updated this week
- Automated Security Testing For REST API's☆2,646Jun 5, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ✍️ A curated list of CVE PoCs.☆3,490Jan 4, 2022Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,837Dec 4, 2025Updated 4 months ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,521Jul 17, 2021Updated 4 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,385Jan 16, 2026Updated 2 months ago
- fastjson 被动扫描、不出网payload生成☆368Nov 19, 2021Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago