linshaoSec/WaterExp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

linshaoSec/WaterExp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/linshaoSec/WaterExp)

Close

linshaoSec / WaterExpView on GitHubMore

• External links
• Readme badge

WaterExp:面向安服仔的 水报告模板和工具

☆705Oct 14, 2022Updated 3 years ago

Alternatives and similar repositories for WaterExp

Users that are interested in WaterExp are comparing it to the libraries listed below

• F6JO / RouteVulScan

  View on GitHub
  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
  ☆1,314Jun 29, 2024Updated last year
• LittleBear4 / OA-EXPTOOL

  View on GitHub
  OA综合利用工具，集合将近20款OA漏洞批量扫描
  ☆1,340Oct 28, 2023Updated 2 years ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,467Apr 25, 2024Updated last year
• shmilylty / netspy

  View on GitHub
  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）
  ☆2,200Jul 25, 2023Updated 2 years ago
• Tsojan / TsojanScan

  View on GitHub
  An integrated BurpSuite vulnerability detection plug-in.
  ☆1,450Jan 29, 2026Updated last month
• a1phaboy / FastjsonScan

  View on GitHub
  Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
  ☆1,050Oct 7, 2022Updated 3 years ago
• UzJu / Cloud-Bucket-Leak-Detection-Tools

  View on GitHub
  六大云存储，泄露利用检测工具
  ☆1,241Mar 28, 2025Updated 11 months ago
• Ghr07h / Heimdallr

  View on GitHub
  一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
  ☆1,647Jan 19, 2023Updated 3 years ago
• achuna33 / MYExploit

  View on GitHub
  OAExploit一款基于产品的一键扫描工具。
  ☆1,482Sep 20, 2022Updated 3 years ago
• lemonlove7 / EHole_magic

  View on GitHub
  EHole(棱洞)魔改。可对路径进行指纹识别；支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破
  ☆948Mar 6, 2024Updated last year
• EdgeSecurityTeam / EHole

  View on GitHub
  EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
  ☆3,438Apr 2, 2024Updated last year
• White-hua / Apt_t00ls

  View on GitHub
  高危漏洞利用工具
  ☆1,825Feb 12, 2025Updated last year
• dark-kingA / superSearchPlus

  View on GitHub
  superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。
  ☆1,435Dec 16, 2024Updated last year
• ttstormxx / jjjjjjjjjjjjjs

  View on GitHub
  爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应
  ☆756Jul 20, 2023Updated 2 years ago
• lijiejie / swagger-exp

  View on GitHub
  A Swagger API Exploit
  ☆1,370Jun 7, 2024Updated last year
• KimJun1010 / WeblogicTool

  View on GitHub
  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
  ☆1,773Nov 1, 2023Updated 2 years ago
• lz520520 / railgun

  View on GitHub
  ☆2,278Jan 17, 2025Updated last year
• f0ng / autoDecoder

  View on GitHub
  Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。
  ☆1,327Dec 14, 2025Updated 2 months ago
• 1n7erface / Template

  View on GitHub
  Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描
  ☆1,115Sep 16, 2023Updated 2 years ago
• 0x727 / BypassPro

  View on GitHub
  对Auth/Waf 自动化bypass的burpsuite插件
  ☆1,076Jan 26, 2026Updated last month
• savior-only / Spring_All_Reachable

  View on GitHub
  Spring漏洞综合利用工具
  ☆675Jul 5, 2023Updated 2 years ago
• SafeGroceryStore / MDUT

  View on GitHub
  MDUT - Multiple Database Utilization Tools
  ☆2,190Sep 22, 2023Updated 2 years ago
• cseroad / Webshell_Generate

  View on GitHub
  用于生成各类免杀webshell
  ☆1,284Jan 8, 2026Updated last month
• whwlsfb / JDumpSpider

  View on GitHub
  HeapDump敏感信息提取工具
  ☆1,632Dec 15, 2025Updated 2 months ago
• lemonlove7 / dirsearch_bypass403

  View on GitHub
  目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别
  ☆854Sep 30, 2025Updated 5 months ago
• f0ng / log4j2burpscanner

  View on GitHub
  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
  ☆841Jun 13, 2023Updated 2 years ago
• wgpsec / ENScan_GO

  View on GitHub
  一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入
  ☆4,219Jan 5, 2026Updated last month
• rtcatc / Packer-Fuzzer

  View on GitHub
  Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…
  ☆3,209May 24, 2024Updated last year
• iamHuFei / HVVault

  View on GitHub
  梳理【护网高利用率POC】并集成Nuclei模板仓库，针对解决网上同一资产漏洞一键检测工具参次不齐问题。
  ☆576Mar 21, 2024Updated last year
• wyzxxz / aksk_tool

  View on GitHub
  AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
  ☆779Feb 13, 2025Updated last year
• SummerSec / ShiroAttack2

  View on GitHub
  shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
  ☆2,379Apr 10, 2024Updated last year
• smxiazi / xia_sql

  View on GitHub
  xia SQL (瞎注) burp 插件 ，在每个参数后面填加一个单引号，两个单引号，一个简单的判断注入小插件。
  ☆1,229May 18, 2023Updated 2 years ago
• zema1 / suo5

  View on GitHub
  高性能 HTTP 正向代理工具 | A high-performance http tunneling tool
  ☆2,673Feb 2, 2026Updated last month
• yuyan-sec / RedisEXP

  View on GitHub
  Redis 漏洞利用工具
  ☆938Jan 26, 2025Updated last year
• m-sec-org / EZ

  View on GitHub
  EZ是一款集信息收集、端口扫描、服务暴破、URL爬虫、指纹识别、被动扫描为一体的跨平台漏洞扫描器。
  ☆1,025Jan 17, 2025Updated last year
• dark-kingA / cloudTools

  View on GitHub
  云资产管理工具 目前工具定位是云安全相关工具，目前是两个模块 云存储工具、云服务工具， 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务工具主要是针对rds、服务器的管理，查看、执行命令、接管等等
  ☆1,140Updated this week
• R4gd0ll / I-Wanna-Get-All

  View on GitHub
  综合漏洞后渗透利用工具
  ☆1,666Dec 11, 2025Updated 2 months ago
• TryGOTry / DogCs4.4

  View on GitHub
  cs4.4修改去特征狗狗版(美化ui,去除特征,自带bypass核晶截图等..)
  ☆574Jan 17, 2023Updated 3 years ago
• tr0uble-mAker / POC-bomber

  View on GitHub
  利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点
  ☆2,360Jun 9, 2023Updated 2 years ago