This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
☆1,007Apr 27, 2026Updated last week
Alternatives and similar repositories for tsunami-security-scanner-plugins
Users that are interested in tsunami-security-scanner-plugins are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,568Apr 16, 2026Updated 2 weeks ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 5 years ago
- A powerful browser crawler for web vulnerability scanners☆3,031Mar 11, 2025Updated last year
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,601Mar 21, 2026Updated last month
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆12,279Updated this week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- In-depth attack surface mapping and asset discovery☆14,484Apr 17, 2026Updated 2 weeks ago
- Advanced vulnerability scanning with Nmap NSE☆3,749Feb 6, 2026Updated 2 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,175May 26, 2023Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,423Mar 26, 2026Updated last month
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 4 years ago
- Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…☆4,276Apr 4, 2021Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆614Mar 4, 2021Updated 5 years ago
- ☆2,669Mar 5, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabil…☆1,313May 22, 2025Updated 11 months ago
- Automated Adversary Emulation Platform☆6,931Updated this week
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,799Apr 26, 2024Updated 2 years ago
- A malicious LDAP server for JNDI injection attacks☆1,080Sep 28, 2023Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,888Updated this week
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆675Oct 29, 2025Updated 6 months ago
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,676Updated this week
- ☆422Jan 5, 2022Updated 4 years ago
- Resources related to GitHub Security Lab☆1,605Dec 2, 2025Updated 5 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Java RCE 回显测试代码☆1,014Oct 15, 2020Updated 5 years ago
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆7,581Oct 16, 2025Updated 6 months ago
- ☆1,203Jan 21, 2026Updated 3 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆28,199Updated this week
- Main Sigma Rule Repository☆10,386Updated this week
- ☆835Jun 7, 2022Updated 3 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,696Mar 14, 2024Updated 2 years ago
- Open Source Vulnerability Management Platform☆6,463Apr 21, 2026Updated 2 weeks ago
- Automated Security Testing For REST API's☆2,645Jun 5, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ✍️ A curated list of CVE PoCs.☆3,500Jan 4, 2022Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,864Dec 4, 2025Updated 5 months ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,520Jul 17, 2021Updated 4 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,380Updated this week
- fastjson 被动扫描、不出网payload生成☆368Nov 19, 2021Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆725Mar 21, 2022Updated 4 years ago