Alternatives and similar repositories for xray-poc-generation:

Users that are interested in xray-poc-generation are comparing it to the libraries listed below

• dr0op / shiro-550-with-NoCC
  Shiro-550 不依赖CC链利用工具
  ☆448Updated 8 months ago
• ggg4566 / SQLEXP
  SQL 注入利用工具，存在waf的情况下自定义编写tamper脚本 dump数据
  ☆286Updated 4 years ago
• potats0 / shiroPoc
  ☆320Updated 3 years ago
• SafeGroceryStore / Caesar
  一个全新的敏感文件发现工具
  ☆269Updated 4 years ago
• flowerwind / JspFinder
  一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)
  ☆175Updated 3 years ago
• DSO-Lab / pocscan
  ☆113Updated 4 years ago
• xiaoheiwo / GGSCAN
  一款渗透时快速资产探测工具
  ☆222Updated 3 years ago
• timwhitez / Frog-Auth
  🐸Unauthorized Detection Framework未授权访问检测框架
  ☆158Updated last year
• LFYSec / ActuatorExploit
  SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
  ☆232Updated 4 years ago
• p1g3 / Fastjson-Scanner
  a burp extension to find where use fastjson
  ☆165Updated 4 years ago
• zema1 / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆354Updated 2 years ago
• 0-Xyao / Zero-box
  零组小工具
  ☆136Updated 3 years ago
• Y4er / fastjson-bypass-autotype-1.2.68
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆223Updated 2 years ago
• iiiusky / AntiHoneypot-Chrome-simple
  Chrome 蜜罐检测插件
  ☆297Updated 4 years ago
• 0671 / RabR
  Redis-Attack By Replication (通过主从复制攻击Redis)
  ☆320Updated 2 years ago
• cwkiller / Pentest_Dic
  自己收集整理自用的字典
  ☆229Updated last year
• xhycccc / Struts2-Vuln-Demo
  Struts2漏洞实例源码
  ☆205Updated 4 years ago
• Echocipher / Pentest-Wiki
  规范渗透测试报告中的漏洞名称以及修复建议
  ☆144Updated 5 years ago
• bigsizeme / fastjson-check
  fastjson 被动扫描、不出网payload生成
  ☆366Updated 3 years ago
• cwkiller / unauthorized-check
  扫描常见未授权访问（redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop）
  ☆187Updated 4 years ago
• grayddq / EBurst
  这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
  ☆332Updated last year
• threedr3am / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。
  ☆215Updated 3 years ago
• Ch1ngg / JCE
  JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
  ☆257Updated 3 years ago
• CTF-MissFeng / report
  乙方渗透测试漏洞报告管理系统
  ☆196Updated 3 years ago
• depycode / fastjson-c3p0
  fastjson不出网利用、c3p0
  ☆249Updated 3 years ago
• smxiazi / fuzzDicts
  Web Pentesting Fuzz 字典,一个就够了。
  ☆71Updated 5 years ago
• bigsizeme / shiro-check
  Shiro反序列化回显利用、内存shell、检查 Burp插件
  ☆216Updated 2 years ago
• yqcs / heartsk_community
  Hearts K-企业资产发现与脆弱性检查工具，自动化资产信息收集与漏洞扫描
  ☆251Updated last year
• Veraxy00 / Shiro-EXP
  Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
  ☆138Updated 4 years ago
• Ppsoft1991 / CodeReviewTools
  通过正则搜索、批量反编译特定Jar包中的class名称
  ☆310Updated 3 years ago