Gather sensitive information from (.idea) folder for pentesters
☆370Aug 5, 2022Updated 3 years ago
Alternatives and similar repositories for idea_exploit
Users that are interested in idea_exploit are comparing it to the libraries listed below
Sorting:
- Redis 4.x/5.x RCE☆975Nov 30, 2021Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,023Feb 23, 2022Updated 4 years ago
- Passive Security Scanner (被动式安全扫描器)☆1,948Feb 8, 2023Updated 3 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,183Nov 10, 2021Updated 4 years ago
- Burp被动扫描流量转发插件☆1,460Jun 17, 2024Updated last year
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year
- A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.☆1,715May 6, 2023Updated 2 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆483Dec 9, 2020Updated 5 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- Weblogic一键漏洞检测工具,V1.5,更新时间:20200730☆2,266May 22, 2023Updated 2 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,011May 21, 2024Updated last year
- A Swagger API Exploit☆1,370Jun 7, 2024Updated last year
- a simple tool to detect potential security threat in php code☆316Sep 9, 2024Updated last year
- Struts2全漏洞扫描利用工具☆2,211Jul 12, 2021Updated 4 years ago
- A powerful browser crawler for web vulnerability scanners☆3,016Mar 11, 2025Updated 11 months ago
- 渗透测试用到的东东☆428May 6, 2020Updated 5 years ago
- 用于记录分享一些有趣的案例☆865Jan 10, 2022Updated 4 years ago
- 总结了20+.Net反序列化文章,持续更新☆748Apr 3, 2024Updated last year
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- python webanalyzer☆147Jun 2, 2021Updated 4 years ago
- Tomcat-Ajp协议文件读取漏洞☆797Mar 3, 2020Updated 6 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- SvnExploit支持SVN源代码泄露全版本Dump源码☆1,025Dec 20, 2022Updated 3 years ago
- 从wooyun中提取的payload,以及burp插件☆842Jun 17, 2022Updated 3 years ago
- Redis(<=5.0.5) RCE☆1,137Sep 24, 2023Updated 2 years ago
- 通过 Redis 主从写出无损文件☆719May 25, 2020Updated 5 years ago
- mysql注入,bypass的一些心得☆1,326Jun 25, 2024Updated last year
- 基于burpsuite headless 的代理式被动扫描系统☆95Feb 10, 2020Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆987Mar 4, 2021Updated 5 years ago
- JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.☆2,913Nov 24, 2021Updated 4 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)☆1,169Aug 7, 2021Updated 4 years ago
- A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers☆2,369Dec 31, 2024Updated last year
- An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工…☆3,358Oct 21, 2025Updated 4 months ago