lijiejie / idea_exploitView external linksLinks
Gather sensitive information from (.idea) folder for pentesters
☆370Aug 5, 2022Updated 3 years ago
Alternatives and similar repositories for idea_exploit
Users that are interested in idea_exploit are comparing it to the libraries listed below
Sorting:
- Redis 4.x/5.x RCE☆975Nov 30, 2021Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,021Feb 23, 2022Updated 3 years ago
- Passive Security Scanner (被动式安全扫描器)☆1,946Feb 8, 2023Updated 3 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,387Dec 16, 2022Updated 3 years ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,185Nov 10, 2021Updated 4 years ago
- Burp被动扫描流量转发插件☆1,459Jun 17, 2024Updated last year
- A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.☆1,713May 6, 2023Updated 2 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆969Jun 16, 2024Updated last year
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,200Oct 17, 2023Updated 2 years ago
- Weblogic一键漏洞检测工具,V1.5,更新时间:20200730☆2,263May 22, 2023Updated 2 years ago
- JNDI服务利用��工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,011May 21, 2024Updated last year
- A Swagger API Exploit☆1,371Jun 7, 2024Updated last year
- a simple tool to detect potential security threat in php code☆317Sep 9, 2024Updated last year
- A powerful browser crawler for web vulnerability scanners☆3,018Mar 11, 2025Updated 11 months ago
- Struts2全漏洞扫描利用工具☆2,209Jul 12, 2021Updated 4 years ago
- 渗透测试用到的东东☆429May 6, 2020Updated 5 years ago
- 用于记录分享一些有趣的案例☆867Jan 10, 2022Updated 4 years ago
- 总结了20+.Net反序列化文章,持续更新☆747Apr 3, 2024Updated last year
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- python webanalyzer☆148Jun 2, 2021Updated 4 years ago
- Tomcat-Ajp协议文件读取漏洞☆795Mar 3, 2020Updated 5 years ago
- 更快速的进行Web应用指纹识别☆172May 9, 2019Updated 6 years ago
- SvnExploit支持SVN源代码泄露全版本Dump源码☆1,024Dec 20, 2022Updated 3 years ago
- 从wooyun中提取的payload,以及burp插件☆840Jun 17, 2022Updated 3 years ago
- Redis(<=5.0.5) RCE☆1,135Sep 24, 2023Updated 2 years ago
- 通过 Redis 主从写出无损文件☆719May 25, 2020Updated 5 years ago
- mysql注入,bypass的一些心得☆1,329Jun 25, 2024Updated last year
- 基于burpsuite headless 的代理式被动扫描系统☆97Feb 10, 2020Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆868Jul 21, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆989Mar 4, 2021Updated 4 years ago
- JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.☆2,909Nov 24, 2021Updated 4 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)☆1,170Aug 7, 2021Updated 4 years ago
- A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers☆2,366Dec 31, 2024Updated last year
- An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工…☆3,358Oct 21, 2025Updated 3 months ago