jiangsir404/POC-S

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jiangsir404/POC-S)

jiangsir404 / POC-S

POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞，对功能进行强化以及脚本进行分类添加，自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC

☆357

Alternatives and similar repositories for POC-S

Users that are interested in POC-S are comparing it to the libraries listed below

Sorting:

1120362990 / vulnerability-list
View on GitHub
在渗透测试中快速检测常见中间件、组件的高危漏洞。
☆728Mar 21, 2022Updated 3 years ago
Echocipher / AUTO-EARN
View on GitHub
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
☆738Dec 8, 2022Updated 3 years ago
opensec-cn / vtest
View on GitHub
用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
☆866Jul 21, 2019Updated 6 years ago
amcai / myscan
View on GitHub
myscan 被动扫描
☆667Mar 19, 2021Updated 4 years ago
iSafeBlue / fastjson-autotype-bypass-demo
View on GitHub
fastjson 1.2.68 版本 autotype bypass
☆142Jun 17, 2022Updated 3 years ago
dr0op / WeblogicScan
View on GitHub
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
☆968Jun 16, 2024Updated last year
timwhitez / crawlergo_x_XRAY
View on GitHub
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
☆1,183Nov 10, 2021Updated 4 years ago
LangziFun / LangSrcCurise
View on GitHub
SRC子域名资产监控
☆1,299Jan 14, 2021Updated 5 years ago
Adminisme / ServerScan
View on GitHub
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
☆1,634Jun 16, 2024Updated last year
c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,460Jun 17, 2024Updated last year
heroanswer / XSS_Cheat_Sheet_2020_Edition
View on GitHub
xss漏洞模糊测试payload的最佳集合 2020版
☆511May 25, 2020Updated 5 years ago
FunnyWolf / pystinger
View on GitHub
Bypass firewall for traffic forwarding using webshell
☆1,430Sep 29, 2021Updated 4 years ago
ac0d3r / Hyuga
View on GitHub
Hyuga is a tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding。🪤
☆538Dec 27, 2025Updated 2 months ago
al0ne / Nmap_Bypass_IDS
View on GitHub
Nmap&Zmap特征识别，绕过IDS探测
☆329Aug 1, 2019Updated 6 years ago
r0eXpeR / redteam_vul
View on GitHub
红队作战中比较常遇到的一些重点系统漏洞整理。
☆2,522Jul 17, 2021Updated 4 years ago
CTF-MissFeng / bayonet
View on GitHub
bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
☆1,507Nov 22, 2022Updated 3 years ago
sv3nbeast / ShiroScan
View on GitHub
Shiro<=1.2.4反序列化，一键检测工具
☆988Mar 4, 2021Updated 5 years ago
lengjibo / RedTeamTools
View on GitHub
记录自己编写、修改的部分工具
☆1,461Oct 19, 2025Updated 4 months ago
boy-hack / airbug
View on GitHub
Airbug(空气洞)，收集漏洞poc用于安全产品
☆355Sep 26, 2019Updated 6 years ago
feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,951Jun 4, 2021Updated 4 years ago
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,016Oct 15, 2020Updated 5 years ago
hanc00l / some_pocsuite
View on GitHub
用于漏洞排查的pocsuite3验证POC代码
☆347Aug 7, 2022Updated 3 years ago
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆535Aug 25, 2020Updated 5 years ago
JE2Se / AssetScan
View on GitHub
资产探测工具，检测存活，检测风险端口，常规端口，全端口探测等等，对探测的端口的脆弱面进行安全分析进行
☆438May 22, 2023Updated 2 years ago
jweny / pocassist
View on GitHub
傻瓜式漏洞PoC测试框架
☆1,444Oct 30, 2023Updated 2 years ago
inbug-team / InScan
View on GitHub
边界打点后的自动化渗透工具
☆1,891Jul 19, 2021Updated 4 years ago
Ares-X / shiro-exploit
View on GitHub
Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload
☆897May 28, 2021Updated 4 years ago
feihong-cs / JspMaster-Deprecated
View on GitHub
一款基于webshell命令执行功能实现的GUI webshell管理工具，支持流量加密
☆218Jun 4, 2021Updated 4 years ago
zhzyker / exphub
View on GitHub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…
☆4,273Apr 4, 2021Updated 4 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,012May 21, 2024Updated last year
QAX-A-Team / sharpwmi
View on GitHub
sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
☆716Aug 3, 2021Updated 4 years ago
boy-hack / wooyun-payload
View on GitHub
从wooyun中提取的payload，以及burp插件
☆842Jun 17, 2022Updated 3 years ago
uknowsec / frpModify
View on GitHub
修改frp支持域前置与配置文件自删除
☆397Dec 31, 2020Updated 5 years ago
l3m0n / Bypass_Disable_functions_Shell
View on GitHub
一个各种方式突破Disable_functions达到命令执行的shell
☆1,198Oct 17, 2023Updated 2 years ago
SPuerBRead / Bridge
View on GitHub
无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
☆402Dec 21, 2025Updated 2 months ago
chennqqi / godnslog
View on GitHub
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
☆469Sep 16, 2023Updated 2 years ago
Richard-Tang / x1DecoderPlus
View on GitHub
AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell
☆163Sep 28, 2021Updated 4 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,023Feb 23, 2022Updated 4 years ago
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,389Dec 16, 2022Updated 3 years ago