此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现,POC已通过nuclei或xray武器化,绝大部分为自复现并自验过,本项目旨在为网络安全爱好者们提供一点参考资料,可供个人研究使用,共勉
☆312Aug 14, 2024Updated last year
Alternatives and similar repositories for 2024-PocLib
Users that are interested in 2024-PocLib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。☆577Mar 21, 2024Updated 2 years ago
- MDUT-Extend(扩展版本)☆849Mar 17, 2026Updated last week
- DockerApiRCE☆236Oct 22, 2024Updated last year
- dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标☆1,824Aug 2, 2024Updated last year
- 哥斯拉webshell管理工具二次开发规避流量检测设备☆1,052Dec 2, 2025Updated 3 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!☆2,893Aug 23, 2024Updated last year
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆553Dec 7, 2025Updated 3 months ago
- 实战沉淀字典☆1,532Mar 17, 2026Updated last week
- LC(List Cloud)是一个多云攻击面资产梳理工具☆638Oct 6, 2024Updated last year
- 一个半自动化springboot打点工具,内置目前springboot所有漏洞☆778Sep 30, 2025Updated 5 months ago
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,235Jun 24, 2025Updated 9 months ago
- daydayExp的漏洞POC仓库,慢慢更新...☆371Nov 4, 2024Updated last year
- 攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。☆1,382Oct 3, 2024Updated last year
- jeecg综合漏洞利用工具☆430Aug 30, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- 内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破(SSH、SMB、MsSQL等)、Socks代理,一键自动化+无文件落地扫描☆473Nov 20, 2024Updated last year
- 内网渗透过程中搜寻指定文件内容,从而找到突破口的一个小工具☆361Aug 13, 2025Updated 7 months ago
- 最好用最智能最可控的目录Fuzz工具 | The most powerful, user-friendly, intelligent, and precise HTTP Fuzzer.☆1,002Mar 6, 2026Updated 3 weeks ago
- P1finger - 红队行动下的重点资产指纹识别工具,解决信息收集过程中的一小步☆437Aug 5, 2025Updated 7 months ago
- 综合漏洞后渗透利用工具☆1,693Dec 11, 2025Updated 3 months ago
- 面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams☆2,035Feb 3, 2026Updated last month
- java-web 自动化鉴权绕过☆379Apr 3, 2025Updated 11 months ago
- 泛微最近的漏洞利用工具(PS:2023)☆481Dec 14, 2023Updated 2 years ago
- ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distribute…☆1,473Jan 29, 2026Updated last month
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆451Mar 11, 2024Updated 2 years ago
- Nuclei POC,每2小时更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有41w+POC,其中3.5w…☆2,000Updated this week
- NacosExploit 命令执行 内存马等利用☆215Jul 18, 2024Updated last year
- tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938/CNVD-2020-10487 文件包含☆284Apr 6, 2025Updated 11 months ago
- 收集最新漏洞POC(Yaml\Python)☆220Aug 19, 2025Updated 7 months ago
- 一个用于测试文件上传功能安全性的 Burp Suite 插件。通过 Intruder 模块自动生成各类绕过 payload,覆盖常见的文件上传限制场景。共1000+条payload☆578Dec 24, 2025Updated 3 months ago
- 自动化扫描利器,指纹识别更精准,漏洞扫描更全面☆378Oct 29, 2025Updated 4 months ago
- 本工具为jeecg框架漏洞利用工具非jeecg-boot!☆183Aug 13, 2024Updated last year
- EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破☆951Mar 6, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Lightning-fast internal network scanner☆1,155Nov 27, 2025Updated 4 months ago
- Pillager是一个适用于后渗透期间的信息收集工具☆1,271Sep 7, 2024Updated last year
- 备份的漏洞库,3月开始我们来维护☆1,849Mar 12, 2026Updated 2 weeks ago
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆262Feb 15, 2026Updated last month
- 一款集成了H3C,致远,泛微,万户,帆软,海康威视,金蝶云星空,畅捷通,Struts等多个RCE漏洞利用工具☆235Jul 28, 2024Updated last year
- FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用��链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用☆1,188Jul 12, 2024Updated last year
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,313Jun 29, 2024Updated last year