pekita1 / SSTIFView external linksLinks
一个Fuzzing服务器端模板注入漏洞的半自动化工具
☆15Aug 4, 2016Updated 9 years ago
Alternatives and similar repositories for SSTIF
Users that are interested in SSTIF are comparing it to the libraries listed below
Sorting:
- 一款开源指纹识别工具。☆15May 19, 2017Updated 8 years ago
- 常用的一些Exploit,经常会更新,也欢迎各位提交新的exp给我。☆26Jul 27, 2018Updated 7 years ago
- Burpsuite HTTP 插件,主要用于内网测试,可定制Content-Type和Response Content☆24Jul 2, 2018Updated 7 years ago
- Improving side channel analysis techniques for CTF problems.☆12Oct 25, 2020Updated 5 years ago
- 通过调用zoomeye来获取安装JBoss机器的地址,然后通过HEAD请求植入webshell。 wxPython写了一个界面的控制程序。☆12Mar 28, 2018Updated 7 years ago
- ☆15Aug 12, 2009Updated 16 years ago
- ZZCMS v8.2-重装GETSHELL工具☆11May 8, 2018Updated 7 years ago
- 一个简单的CTF测试平台,做培训上用,目前没有做相关安全方面的策略,不要部署到线上☆14Aug 31, 2017Updated 8 years ago
- nmap模块扫描端口服务后,调用对应的exp检测☆12Jun 9, 2018Updated 7 years ago
- S2-057 poc test☆13Aug 31, 2018Updated 7 years ago
- WEB 跨域postMessage() 漏洞挖掘工具,基本原理:使用AJAX 获取页面代码,结合iframe 和data 协议构造测试环境,然后在iframe 下的window.onmessage 中插入hook 监控onmessage 的参数,最后通过能否被原来的onme…☆11Sep 13, 2016Updated 9 years ago
- Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator☆21Jan 7, 2026Updated last month
- 常用系统服务默认端口列表☆13Apr 25, 2017Updated 8 years ago
- ☆13Feb 17, 2016Updated 9 years ago
- 在最小化安装centos7后,一键自动化安装mysql☆10Sep 22, 2015Updated 10 years ago
- Django+NodeJS+Redis实现实时消息推送☆27Sep 1, 2014Updated 11 years ago
- DumpDB Dump database from mysql, mysql脱裤脚本☆19Jun 3, 2016Updated 9 years ago
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago
- whatweb的插件☆15Aug 15, 2014Updated 11 years ago
- Articles accumulated by the 360Quake team.☆15Jun 18, 2021Updated 4 years ago
- 用于演示Java Web项目中,漏洞的成因及修复方案,可用于黑盒测试和白盒测试,部分修复方案可用于生产环境。☆43Apr 20, 2018Updated 7 years ago
- 分布式互联网开放端口与协议扫描☆18Jul 20, 2016Updated 9 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Jun 2, 2016Updated 9 years ago
- Web在线菜刀☆19Oct 18, 2017Updated 8 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆15Jan 27, 2019Updated 7 years ago
- Utilities for creating Burp Suite Extensions.☆21Oct 31, 2024Updated last year
- fofa pro的sdk,go语言版本☆38Mar 17, 2020Updated 5 years ago
- 子域名监控式漏扫☆40Jul 7, 2020Updated 5 years ago
- CVE-2017-10271 POC☆29Jan 10, 2018Updated 8 years ago
- 病毒分析☆18Nov 14, 2019Updated 6 years ago
- Black Hat EU 2018 - Don't Eat Spaghetti with a Spoon - An Analysis of the Practical Value of Threat Intelligence☆22Jan 14, 2019Updated 7 years ago
- 一些漏洞分析☆48Jan 8, 2019Updated 7 years ago
- XSS hunter 收集Webview 页面上存在的反射,储存型XSS ,方便应急APP 和前端页面在发布时遇到XSS 安全问题..☆42Oct 9, 2016Updated 9 years ago
- ☆19Oct 5, 2020Updated 5 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 8 years ago
- Explib: Collections of poc and exp.☆21Apr 23, 2018Updated 7 years ago
- A lightweight GUI tool that implements some typical block cipher, coding, hashing, and multi-architecture assemble/disassembly framework,…☆27Nov 21, 2024Updated last year
- 同一局域网内网站源码监控、webshell检测总控端☆23Mar 3, 2018Updated 7 years ago
- 总结一些渗透中值得关注的默认端口☆23May 19, 2016Updated 9 years ago