a simple tool to detect potential security threat in php code
☆316Sep 9, 2024Updated last year
Alternatives and similar repositories for chip
Users that are interested in chip are comparing it to the libraries listed below
Sorting:
- PHP Runtime Vulnerability Detection☆480May 25, 2019Updated 6 years ago
- dynamic crawler for web vulnerability scanner☆252Mar 4, 2020Updated 5 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- Code-Breaking Puzzles☆292Apr 6, 2025Updated 10 months ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- ☆119Mar 21, 2020Updated 5 years ago
- 网页相似度判断:根据网页结构判断页面相似性 ,可用于相似度计算、越权检测等(Determine page similarity based on HTML page structure)☆282Jul 27, 2019Updated 6 years ago
- My Real World CTF challenges☆115Sep 19, 2019Updated 6 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- 针对ctf线下赛流量抓取(php)、真�实环境流量抓取分析的工具☆742Jun 2, 2023Updated 2 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- Code-Audit-Challenges☆990Nov 17, 2018Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,183Nov 10, 2021Updated 4 years ago
- PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions☆106Sep 8, 2021Updated 4 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- A PHP7 extension that can hook most functions/classes and parts of opcodes☆242Sep 17, 2021Updated 4 years ago
- Multi-language web CGI interfaces exploits.☆399Aug 22, 2022Updated 3 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- Burp suite 分块传输辅助插件☆2,022Feb 23, 2022Updated 4 years ago
- Redis 4.x/5.x RCE☆975Nov 30, 2021Updated 4 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,379Jan 16, 2026Updated last month
- 从wooyun中提取的payload,以及burp插件☆842Jun 17, 2022Updated 3 years ago
- Java code comparison tool (jar / class)☆341Jun 4, 2020Updated 5 years ago
- Pwn stuff.☆1,805May 31, 2022Updated 3 years ago
- 用于记录分享一些有趣的案例☆866Jan 10, 2022Updated 4 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- Weblogic环境搭建工具☆796Apr 23, 2020Updated 5 years ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)☆1,169Aug 7, 2021Updated 4 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- Flask 内存马☆313Mar 26, 2021Updated 4 years ago
- Gather sensitive information from (.idea) folder for pentesters☆370Aug 5, 2022Updated 3 years ago
- MySQL fake server for read files of connected clients☆605Jul 23, 2017Updated 8 years ago