A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
☆10Mar 18, 2019Updated 7 years ago
Alternatives and similar repositories for xxer
Users that are interested in xxer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Alternative Mimikatz LSASS DUMPER☆14Apr 2, 2020Updated 5 years ago
- 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统,本系统属于数据处理部分,抓取流量镜像的数据,进行分析过滤去重等操作,发送至消息队列中,等待PassiveSecCheck消费☆34Dec 21, 2017Updated 8 years ago
- 可扩展的webshell管理工具☆18Jun 17, 2024Updated last year
- 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统,本系统属于漏洞验证部分,根据提供的数据进行分布式安全验证,确定是否包含相关严重漏洞。☆49Dec 26, 2017Updated 8 years ago
- 攻防清单:用于整理当前收集的所有攻防相关资源☆26Mar 22, 2019Updated 7 years ago
- 基于radium爬虫编写的批量任务处理脚本,使用进程池☆13Aug 20, 2020Updated 5 years ago
- 域名接管漏洞,批量检测工具☆11Oct 29, 2020Updated 5 years ago
- Beef hook OWA / Outlook☆12Mar 27, 2019Updated 6 years ago
- IngressNightmare POC. world first non-blind remote execution exploitation with multi-advanced exploitation methods. allow on disk exploit…☆92May 6, 2025Updated 10 months ago
- 泛微ecology OA系统接口存在数据库配置信息泄露漏洞☆50Jul 13, 2020Updated 5 years ago
- ☆12Aug 20, 2020Updated 5 years ago
- Nexus Repository Manager3 - 远程执行代码漏洞回显payload☆13Sep 29, 2020Updated 5 years ago
- ☆27Aug 19, 2015Updated 10 years ago
- penetration testing framework that can use socks4/socks5 proxy.☆53Sep 6, 2014Updated 11 years ago
- A demo for hexo-theme-book.☆10Oct 10, 2020Updated 5 years ago
- cobalt strike 自用脚本☆29Oct 29, 2020Updated 5 years ago
- awvs12统一面板管理多引擎Multi-engine,一键docker部署☆14Oct 24, 2019Updated 6 years ago
- 一个用于隐藏C2的、开箱即用的反向代理服务器。旨在省去繁琐的配置Nginx服务的过程。☆13Feb 14, 2022Updated 4 years ago
- ☆23Jan 15, 2019Updated 7 years ago
- goon,是一款基于golang开发的扫描工具,暂时支持portscan、webscan、titlescan、dirscan、fofascan、pluginscan等模块功能,当然也支持将这些模块联动起来的autoscan。后期也会慢慢加入其他零件模块,感谢您的使用,也希望…☆10Jun 28, 2021Updated 4 years ago
- HTTP/HTTPS proxy server by golang [high performance version]☆54Jul 25, 2020Updated 5 years ago
- 本脚本是HIDS组成的一部分,旨在对指定监控目录进行文件hash记录,定时运行,发现文件替换、修改等后门可疑程序。☆13Dec 15, 2017Updated 8 years ago
- 用python写的一个自动化解析swagger-api接口并发送的脚本☆11Oct 18, 2022Updated 3 years ago
- 来自 gloxec 的 CrossC2 frameworkfork 备份 2.0版本☆34Sep 27, 2020Updated 5 years ago
- SharpGetTitle - 基于 C# 的多线程 Web Title 扫描器☆15Nov 26, 2020Updated 5 years ago
- Docker image: DNS over HTTPS proxy☆11Jun 26, 2020Updated 5 years ago
- ☆17Oct 4, 2020Updated 5 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- 暴力检测一些qq企业邮箱弱口令的用户。以提醒他们修改密码☆13Nov 25, 2015Updated 10 years ago
- 本脚本旨在生成各类畸形URL链接,进行探测使用的payload,尝试绕过服务端ssrf限制。☆28Jan 9, 2019Updated 7 years ago
- 一个为PentestBox添加搜索工具名称功能的py脚本☆13Sep 28, 2020Updated 5 years ago
- 针对大量WEB资产进行分布式WEB安全扫描,发现web环境下常规的一些安全漏洞☆99Apr 19, 2019Updated 6 years ago
- Netease music plugin for noise player☆14Dec 8, 2015Updated 10 years ago
- ☆231Jan 3, 2022Updated 4 years ago
- a database query builder for CTFer(出题专用/开发阶段/慎用)☆33May 28, 2018Updated 7 years ago
- The Whitepaper For Enterprise Security created by Monster Zero Team☆36Jun 3, 2017Updated 8 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- Kernel Support for miscellaneous (your favourite) exploits☆22Apr 19, 2017Updated 8 years ago
- ☆20Dec 3, 2020Updated 5 years ago