l3m0n / vtest

用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。

☆23

Alternatives and similar repositories for vtest:

Users that are interested in vtest are comparing it to the libraries listed below

lnyzx / L-XSS
Make XSS Great Again
☆31Updated 5 years ago
QiAnXinCodeSafe / Legendsec
奇安信报开源软件漏洞cve所用目录。每个人报漏洞请建立自己的目录。
☆45Updated 5 years ago
boy-hack / bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
☆24Updated 5 years ago
bit4woo / Java_deserialize_vuln_lab
Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
☆87Updated 6 years ago
QAX-A-Team / Papers
Papers
☆34Updated 5 years ago
neverlovelynn / chrome_headless_xss
A plugin to check xss by using chrome_headless
☆52Updated 6 years ago
jas502n / fastjson-1.2.60-rce
autoType enable
☆36Updated 5 years ago
ab1gale / phpcms-2008-CVE-2018-19127
☆41Updated 6 years ago
fnmsd / ChunkedHTTPAdapter
参考《利用分块传输吊打所有WAF》修改的requests的Adapter
☆98Updated 6 years ago
l3m0n / vulenv
漏洞测试环境 - 方便写扫描器利用复现
☆27Updated 5 years ago
aboutbo / tools
☆19Updated 4 years ago
pyn3rd / CVE-2018-3252
CVE-2018-3252-PoC
☆74Updated 6 years ago
kevien / javacode
some java code i met or i used
☆29Updated 5 years ago
bit4woo / DNSLog
DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。
☆45Updated 4 years ago
Hpd0ger / InFoCollecter
针对域名/页面的接口爬取，递归模式入库
☆22Updated 5 years ago
fuhei / CNVD-C-2019-48814
CNVD-C-2019-48814 Weblogic wls9_async_response 反序列化利用工具
☆38Updated 5 years ago
jas502n / kibana-RCE
kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
☆90Updated 5 years ago
jas502n / CVE-2018-14665
OpenBsd_CVE-2018-14665
☆16Updated 6 years ago
genxor / Deserialize
☆1Updated 6 years ago
neargle / tips-note
做过的实验，踩过的坑
☆40Updated 6 years ago
5z1punch / oracle_java_shell_client
oracle 10g sys权限通过java执行命令获得一个非交互shell的客户端，通常用于正向连接
☆39Updated 8 years ago
shellsec / Knowledge-Base
Knowledge Base 慢雾安全团队知识库
☆29Updated 5 years ago
secoba / HLog
Burpsuite HTTP 插件，主要用于内网测试，可定制Content-Type和Response Content
☆24Updated 6 years ago
codeplutos / Conference
☆28Updated 5 years ago
jas502n / cve-2018-1273
Spring Data Commons RCE 远程命令执行漏洞
☆57Updated 5 years ago
virink / xray-weblisten-ui
Xray 被动扫描管理
☆58Updated 4 years ago
ttttmr / php-fpm
用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell
☆41Updated 3 years ago
VillanCh / minihydra
MiniHydra：轻量级密码爆破模块（Powered By G3ar）
☆18Updated 7 years ago
phantom0301 / PTEye
Phantom eye——A passive business logic vulnerability auditing tool
☆56Updated 5 years ago
chengable / safe_code
absolute safe code
☆27Updated 7 years ago