lijiejie/MisConfig_HTTP_Proxy_Scanner

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/lijiejie/MisConfig_HTTP_Proxy_Scanner)

lijiejie / MisConfig_HTTP_Proxy_Scanner

The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers

☆174

Alternatives and similar repositories for MisConfig_HTTP_Proxy_Scanner

Users that are interested in MisConfig_HTTP_Proxy_Scanner are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

y1nglamore / IDOR_detect_tool
View on GitHub
一款API水平越权漏洞检测工具
☆766Jun 27, 2023Updated 2 years ago
lijiejie / eyes.sh
View on GitHub
Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.
☆426Jun 27, 2024Updated last year
A0WaQ4 / HexDnsEchoT
View on GitHub
命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）
☆292Aug 20, 2023Updated 2 years ago
rebeyond / JNDInjector
View on GitHub
一个高度可定制化的JNDI和Java反序列化利用工具
☆473Jan 17, 2023Updated 3 years ago
f0ng / JavaFileDict
View on GitHub
Java应用的一些配置文件字典，来源于公开的字典与平时收集
☆320Feb 1, 2024Updated 2 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
Ciyfly / Argo
View on GitHub
Argo is an automated general crawler for automatically obtaining website URLs . Argo 是一个自动化扫描器爬虫用于自动化获取网站的URL 基于go-rod实现了静态和动态结合的方式来实现
☆217Dec 16, 2025Updated 5 months ago
ttstormxx / jjjjjjjjjjjjjs
View on GitHub
爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应
☆761Jul 20, 2023Updated 2 years ago
RowTeam / SharpExchangeKing
View on GitHub
Exchange 服务器安全性的辅助测试工具
☆332Jul 21, 2023Updated 2 years ago
qi4L / Ysoserial-go
View on GitHub
A Go library for generating Java deserialization payloads.
☆154Sep 9, 2024Updated last year
grayddq / EBurst
View on GitHub
这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
☆340May 22, 2023Updated 3 years ago
winezer0 / dynascan-python
View on GitHub
完善的动态备份文件扫描工具实现动态字典渲染、动态结果判断、自动字典记录、的敏感文件扫描器
☆30May 21, 2025Updated last year
p1g3 / JSINFO-SCAN
View on GitHub
递归式寻找域名和api。
☆723Aug 3, 2023Updated 2 years ago
depycode / burpsuite_hack
View on GitHub
一款代理扫描器
☆566May 5, 2023Updated 3 years ago
Aur0ra-m / APIKiller
View on GitHub
API Security DAST & Oprations
☆316Jul 5, 2023Updated 2 years ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
0x727 / BypassPro
View on GitHub
对Auth/Waf 自动化bypass的burpsuite插件
☆1,273May 10, 2026Updated last month
PettterWang / URLFUZZ
View on GitHub
URLFUZZ By T00ls.Net
☆24Jul 4, 2023Updated 2 years ago
xk4ng / NacosDefaultToken
View on GitHub
Alibaba Nacos存在默认token.secret.key，导致远程攻击者可以绕过密钥认证接管Nacos
☆19Mar 17, 2023Updated 3 years ago
r35tart / RedisWriteFile
View on GitHub
通过 Redis 主从写出无损文件
☆717May 25, 2020Updated 6 years ago
LTianHang / ShiroUploadTools
View on GitHub
Shiro文件上传工具
☆102Jun 28, 2023Updated 2 years ago
UzJu / Cloud-Bucket-Leak-Detection-Tools
View on GitHub
六大云存储，泄露利用检测工具
☆1,258Mar 28, 2025Updated last year
z2p / sweetPotato
View on GitHub
基于burpsuite的资产分析工具
☆475Apr 29, 2023Updated 3 years ago
ssssdl / fastjsonChecker
View on GitHub
burp手工检测fastjson辅助
☆89Mar 4, 2024Updated 2 years ago
BeichenDream / Kcon2021Code
View on GitHub
☆275Oct 28, 2021Updated 4 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
Ridter / PySQLTools
View on GitHub
Mssql利用工具
☆277Aug 7, 2023Updated 2 years ago
jar-analyzer / jar-analyzer-v1-gui
View on GitHub
建议使用新版：https://github.com/jar-analyzer/jar-analyzer
☆898Nov 30, 2023Updated 2 years ago
wyzxxz / aksk_tool
View on GitHub
AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
☆785Feb 13, 2025Updated last year
yzddmr6 / Java-Js-Engine-Payloads
View on GitHub
Java Js Engine Payloads All in one
☆292Aug 21, 2023Updated 2 years ago
Ptkatz / OrcaC2
View on GitHub
OrcaC2是一款基于Websocket加密通信的多功能C&C框架，使用Golang实现。
☆677Dec 30, 2022Updated 3 years ago
bit4woo / burp-api-drops
View on GitHub
burp插件开发指南
☆619Aug 8, 2021Updated 4 years ago
pmiaowu / HostCollision
View on GitHub
用于host碰撞而生的小工具,专门检测渗透中需要绑定hosts才能访问的主机或内部系统
☆673Jun 13, 2024Updated 2 years ago
depycode / fastjson-c3p0
View on GitHub
fastjson不出网利用、c3p0
☆257Jul 30, 2021Updated 4 years ago
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,014Oct 15, 2020Updated 5 years ago
GPUs on demand by Runpod - Special Offer Available • Ad
Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
T00lsCom / Salon5
View on GitHub
T00ls.Com 2023第一期线下沙龙（苏州）PPT合集
☆15Jul 17, 2023Updated 2 years ago
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,136Jun 6, 2026Updated last week
4ra1n / mysql-fake-server
View on GitHub
纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY …
☆831Sep 18, 2023Updated 2 years ago
c0ny1 / java-object-searcher
View on GitHub
java内存对象搜索辅助工具
☆820Sep 23, 2022Updated 3 years ago
c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,464Jun 17, 2024Updated last year
fnmsd / MySQL_Fake_Server
View on GitHub
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
☆1,372Nov 18, 2021Updated 4 years ago
JDArmy / RPCSCAN
View on GitHub
RPC远程主机信息匿名扫描工具
☆319Sep 30, 2022Updated 3 years ago