phith0n / xxerLinks
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
☆10Updated 6 years ago
Alternatives and similar repositories for xxer
Users that are interested in xxer are comparing it to the libraries listed below
Sorting:
- RememberMe Padding Oracle Vulnerability RCE☆72Updated 6 years ago
- 禅道8.2 - 9.2.1前台Getshell☆78Updated 6 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆70Updated 5 years ago
- A fastjson payload generator☆58Updated 5 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Updated 6 years ago
- Shiro RememberMe 1.2.4 反序列化 漏洞☆56Updated 6 years ago
- sqlmap分块传输代理☆48Updated 6 years ago
- 一款用于攻击spring boot actuator的集成环境,目前集成三种攻击方式,支持1.x、2.x☆86Updated 4 years ago
- 注入检测工具☆44Updated 6 years ago
- Apache ShardingSphere UI YAML解析远程代码执行漏洞☆31Updated 5 years ago
- Remote Command Execution Over Spark☆97Updated 8 years ago
- A collection of script tools for pentesting☆63Updated 6 years ago
- 资产扫描工具☆45Updated 5 years ago
- Tomcat基于动态注册Filter的无文件Webshell☆26Updated 5 years ago
- CommonsBeanutils1,CommonsCollectionsK1☆58Updated 5 years ago
- 此脚本用于测试 Rdies 未授权访问,在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下,进行WEB目录探测☆73Updated 6 years ago
- autoType enable☆36Updated 6 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Updated 6 years ago
- 应急响应实战笔记,一个安全工程师的自我修养。☆17Updated 6 years ago
- A BurpSuite extension written by Python,used to find API interface in JS file.☆114Updated 2 years ago
- 针对域名/页面的接口爬取,递归模式入库☆22Updated 6 years ago
- fastjson-1.2.58-rce with h2 database☆34Updated 6 years ago
- 泛微ecology OA系统接口存在数据库配置信息泄露漏洞☆50Updated 5 years ago
- ☆57Updated 5 years ago
- ☆40Updated 5 years ago
- ☆22Updated 7 years ago
- CVE-2020-8840:FasterXML/jackson-databind 远程代码执行漏洞☆37Updated 5 years ago
- e-cology OA_Beanshell_RCE☆84Updated 6 years ago
- 子域名后续的信息收集工具☆29Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Updated 3 years ago