njcx / gomoon
一个webshell管理工具,支持JSP、PHP,免杀,过WAF,过NIDS。用于学习,研究使用
☆25Updated 3 years ago
Alternatives and similar repositories for gomoon:
Users that are interested in gomoon are comparing it to the libraries listed below
- TongdaOA 11.7 ~11.8 通达OA,任意用户登录+后台getshell☆85Updated 3 years ago
- ☆28Updated last year
- tp日志泄露扫描工具☆83Updated 3 years ago
- ☆44Updated 2 years ago
- 解析nmap扫描结果,并调用hydra进行暴力破解☆47Updated 5 years ago
- 详见公众号☆39Updated last year
- 一个Spring4Shell 被动式检测的Burp插件☆93Updated 3 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆130Updated 2 years ago
- xray 1.8.5 full crack☆46Updated 2 years ago
- Assassin是一款精简的基于命令行的webshell管理工具,它有着多种payload发送方式和编码方式,以及精简的payload代码,使得它成为隐蔽的暗杀者,难以被很好的防御。☆116Updated 2 years ago
- AutoScan 有多个目标时,多线程调用xray+rad进行自动扫描☆88Updated 2 years ago
- log4j2 RCE漏洞(CVE-2021-44228)内网扫描器,可用于在不出网的条件下进行漏洞扫描,帮助企业内部快速发现Log4jShell漏洞。☆37Updated 3 years ago
- ☆83Updated 4 years ago
- 漏洞复现、工具测试、技术练习☆31Updated 5 years ago
- 基于JavaFx编写的C/S图形化界面漏洞验证工具集。☆24Updated 3 years ago
- 一款探测fastjson漏洞的BurpSuite插件☆61Updated 3 years ago
- 一个超级缝合怪的图形化渗透工具☆35Updated 3 years ago
- 支持自动化的切换请求方式、自动化的请求重试、以完整的扫描Springboot路径☆3Updated 3 years ago
- ☆50Updated 3 years ago
- ☆29Updated 3 years ago
- gophish批量操作,适用于大批量钓鱼演练☆30Updated 4 years ago
- 一款用于src资产信息收集的工具☆56Updated 4 years ago
- ☆38Updated 4 years ago
- python脚本☆18Updated 3 years ago
- 脚写HW爆出来的漏洞的GUI工具☆68Updated 4 years ago
- xxl-job未授权命令执行☆108Updated 3 years ago
- 集成二十六种未授权访问[Active MQ ,Atlassian Crowd ,CouchDB ,Docker ,Dubbo ,Druid ,Elasticsearch ,FTP ,Hadoop ,JBoss ,Jenkins ,Jupyter Notebook ,Kiba…☆36Updated 3 years ago
- 利用字符集编码绕过waf的burpsuite插件☆121Updated 4 years ago
- burp插件:python版,token防重放绕过☆20Updated 4 years ago
- 一个用于隐藏C2的、开箱即用的反向代理服务器。旨在省去繁琐的配置Nginx服务的过程。☆81Updated 3 years ago