A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
☆10Mar 18, 2019Updated 6 years ago
Alternatives and similar repositories for xxer
Users that are interested in xxer are comparing it to the libraries listed below
Sorting:
- Alternative Mimikatz LSASS DUMPER☆14Apr 2, 2020Updated 5 years ago
- 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统,本系统属于数据处理部分,抓取流量镜像的数据,进行分析过滤去重等操作,发送至消息队列中,等待PassiveSecCheck消费☆34Dec 21, 2017Updated 8 years ago
- 可扩展的webshell管理工具☆18Jun 17, 2024Updated last year
- 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统,本系统属于漏洞验证部分,根据提供的数据进行分布式安全验证,确定是否包含相关严重漏洞。☆49Dec 26, 2017Updated 8 years ago
- 攻防清单:用于整理当前收集的所有攻防相关资源☆26Mar 22, 2019Updated 6 years ago
- ☆27Aug 19, 2015Updated 10 years ago
- cobalt strike 自用脚本☆29Oct 29, 2020Updated 5 years ago
- IngressNightmare POC. world first non-blind remote execution exploitation with multi-advanced exploitation methods. allow on disk exploit…☆92May 6, 2025Updated 9 months ago
- a database query builder for CTFer(出题专用/开发阶段/慎用)☆33May 28, 2018Updated 7 years ago
- penetration testing framework that can use socks4/socks5 proxy.☆53Sep 6, 2014Updated 11 years ago
- The Whitepaper For Enterprise Security created by Monster Zero Team☆36Jun 3, 2017Updated 8 years ago
- 来自 gloxec 的 CrossC2 frameworkfork 备份 2.0版本☆34Sep 27, 2020Updated 5 years ago
- A Django-based Foreign Exchange data toolkit. Part of the Valuehorizon application ecosystem.☆10Jul 6, 2022Updated 3 years ago
- AES-encrypted TCP/IP swiss army knife.☆11Nov 6, 2022Updated 3 years ago
- Nexus Repository Manager3 - 远程执行代码漏洞回显payload☆13Sep 29, 2020Updated 5 years ago
- 一款基于subDomainsBrute子域名爆破工具结果的处理脚本☆10Jul 28, 2017Updated 8 years ago
- Kernel module to hide tcp connections from an attacker ip address☆11Mar 24, 2022Updated 3 years ago
- distributed nmap using Celery☆11Mar 17, 2017Updated 8 years ago
- Python crawler for remote Windows shares☆12Nov 29, 2015Updated 10 years ago
- Docker image: DNS over HTTPS proxy☆11Jun 26, 2020Updated 5 years ago
- 基于http代理的web漏洞扫描器的实现☆10Jul 5, 2015Updated 10 years ago
- 用python写的一个自动化解析swagger-api接口并发送的脚本☆11Oct 18, 2022Updated 3 years ago
- 蜜罐捕获的数据☆11May 16, 2016Updated 9 years ago
- 针对大量WEB资产进行分布式WEB安全扫描,发现web环境下常规的一些安全漏洞☆99Apr 19, 2019Updated 6 years ago
- 前渗透信息探测工具集-旁站关联域名采集☆40May 9, 2018Updated 7 years ago
- 这里存放的是我们团队做CTF题目的时候经常用到的一些工具☆11Nov 5, 2018Updated 7 years ago
- SQL injection detection engine by tokenzing and syntax analysis, like SQLChop☆10May 8, 2017Updated 8 years ago
- 超精简的POC扫描框架☆10Aug 5, 2019Updated 6 years ago
- Fuzzer常见的弱口令作为字典☆45Apr 29, 2015Updated 10 years ago
- Developing trading systems on foreign exchange market☆10Jan 22, 2017Updated 9 years ago
- 在线漏洞扫描☆10Jul 22, 2016Updated 9 years ago
- 一个攻击框架☆10May 29, 2015Updated 10 years ago
- jboss,tomcat,weblogic,未授权访问扫描工具☆14Dec 2, 2018Updated 7 years ago
- experts☆10Dec 5, 2022Updated 3 years ago
- Web app - FX Trading Simulation and Historic Data Visualisation☆10Jun 29, 2016Updated 9 years ago
- 域名接管漏洞,批量检测工具☆11Oct 29, 2020Updated 5 years ago
- sqliv modified by Ali0th☆14Dec 28, 2017Updated 8 years ago
- 暴力检测一些qq企业邮箱弱口令的用户。以提醒他们修改密码☆13Nov 25, 2015Updated 10 years ago
- WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookie…☆16Jan 16, 2018Updated 8 years ago