This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
☆999Feb 23, 2026Updated last week
Alternatives and similar repositories for tsunami-security-scanner-plugins
Users that are interested in tsunami-security-scanner-plugins are comparing it to the libraries listed below
Sorting:
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,550Feb 19, 2026Updated last week
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- A powerful browser crawler for web vulnerability scanners☆3,016Mar 11, 2025Updated 11 months ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆11,983Updated this week
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,479Nov 16, 2025Updated 3 months ago
- Advanced vulnerability scanning with Nmap NSE☆3,722Feb 6, 2026Updated 3 weeks ago
- Automated Adversary Emulation Platform☆6,781Updated this week
- In-depth attack surface mapping and asset discovery☆14,193Updated this week
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,412Jun 17, 2025Updated 8 months ago
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,548Updated this week
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,617Feb 23, 2026Updated last week
- Main Sigma Rule Repository☆10,145Feb 19, 2026Updated last week
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆7,529Oct 16, 2025Updated 4 months ago
- ☆2,665Mar 5, 2024Updated last year
- Open Source Vulnerability Management Platform☆6,266Feb 13, 2026Updated 2 weeks ago
- ☆1,187Jan 21, 2026Updated last month
- Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…☆4,273Apr 4, 2021Updated 4 years ago
- Resources related to GitHub Security Lab☆1,587Dec 2, 2025Updated 3 months ago
- Interesting APT Report Collection And Some Special IOCs☆2,915Updated this week
- The Swiss Army knife for automated Web Application Testing☆2,322May 8, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Automated Security Testing For REST API's☆2,639Jun 5, 2024Updated last year
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,194Updated this week
- Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabil…☆1,315May 22, 2025Updated 9 months ago
- Fast Application Layer Scanner☆2,072Updated this week
- A malicious LDAP server for JNDI injection attacks☆1,076Sep 28, 2023Updated 2 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆677Oct 29, 2025Updated 4 months ago
- A Modern Orchestration Engine for Security☆6,109Feb 19, 2026Updated last week
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,514Jan 21, 2020Updated 6 years ago
- Six Degrees of Domain Admin☆10,540Aug 1, 2025Updated 7 months ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,765Dec 4, 2025Updated 2 months ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 3 years ago
- ✍️ A curated list of CVE PoCs.☆3,481Jan 4, 2022Updated 4 years ago
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- ☆420Jan 5, 2022Updated 4 years ago
- ☆2,511Jan 2, 2023Updated 3 years ago