phplaber/yawf

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/phplaber/yawf)

phplaber / yawf

Web 漏洞检测工具

☆139

Alternatives and similar repositories for yawf

Users that are interested in yawf are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

dahezhiquan / CharcoalFire
View on GitHub
炭火，渗透测试全流程工具
☆24Sep 1, 2025Updated 6 months ago
y1nglamore / IDOR_detect_tool
View on GitHub
一款API水平越权漏洞检测工具
☆766Jun 27, 2023Updated 2 years ago
Ciyfly / woodpecker
View on GitHub
兼容xray nuclei yaml格式以及go代码格式的poc验证扫描器
☆190Aug 23, 2023Updated 2 years ago
Aur0ra-m / APIKiller
View on GitHub
API Security DAST & Oprations
☆319Jul 5, 2023Updated 2 years ago
ye1sec / CrawlerVuln
View on GitHub
基于动态爬虫的Web漏洞检测
☆19Dec 6, 2022Updated 3 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
Ciyfly / Argo
View on GitHub
Argo is an automated general crawler for automatically obtaining website URLs . Argo 是一个自动化扫描器爬虫用于自动化获取网站的URL 基于go-rod实现了静态和动态结合的方式来实现
☆218Dec 16, 2025Updated 3 months ago
suizhibo / Tao
View on GitHub
Tao（道）一款用于java语言函数调用关系生成的工具，致力于提高java代码审计效率。
☆11Jul 2, 2024Updated last year
anx0ing / thinkphp_scan
View on GitHub
Thinkphp各版本漏洞验证脚本
☆32Mar 16, 2023Updated 3 years ago
NeoTheCapt / PowerScanner
View on GitHub
面向HW的红队半自动扫描器
☆226Dec 16, 2021Updated 4 years ago
youki992 / VscanPlus
View on GitHub
[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本，端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具，批量快速检测网站安全隐患。An open-source, cross-platform websit…
☆327Mar 10, 2026Updated 2 weeks ago
niudaii / zpscan
View on GitHub
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
☆1,190Dec 17, 2024Updated last year
ffffffff0x / ones
View on GitHub
可用于多个网络资产测绘引擎 API 的命令行查询工具
☆184Sep 14, 2023Updated 2 years ago
smxiazi / xia_Yue
View on GitHub
burp 插件 xia_Yue（瞎越）主要用于测试越权、未授权
☆678Aug 27, 2024Updated last year
ffffffff0x / burp_nu_te_gen
View on GitHub
nuclei模版生成插件
☆109Dec 19, 2023Updated 2 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
winezer0 / APIFinderPlus
View on GitHub
目标是成为当下最完善的API挖掘工具，实现自动提取响应敏感信息、URI信息，并且对URI进行自动|手动递归检查
☆257Aug 16, 2025Updated 7 months ago
tongcheng-security-team / NextScan
View on GitHub
飞刃是一套完整的企业级黑盒漏洞扫描系统，集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。拥有强大的漏洞检测引擎和丰富的插件库，覆盖多种漏洞类型和应用程序框架。
☆1,165Jun 30, 2023Updated 2 years ago
z-bool / Venom-Crawler
View on GitHub
毒液爬行器：专为捡洞而生的爬虫神器
☆211Mar 3, 2025Updated last year
DVKunion / SeaMoon
View on GitHub
月海 (Sea Moon) 是一款 FaaS/BaaS 实现的 Serverless 网络工具
☆589Jan 21, 2026Updated 2 months ago
7estUser / WIKI-POC
View on GitHub
漏洞库
☆32Feb 12, 2026Updated last month
Drun1baby / FineReportExploit
View on GitHub
帆软报表漏洞检测工具
☆115Jun 10, 2025Updated 9 months ago
TD0U / WeaverScan
View on GitHub
泛微oa漏洞利用工具
☆255Jan 4, 2023Updated 3 years ago
lsczll / ctro-AD-tools
View on GitHub
用于内网渗透测试的工具包括 crto 认证、AD 渗透以及内网信息收集项目的自存
☆18May 31, 2024Updated last year
SAY0l / Sayo-proxyscan
View on GitHub
SOCKS4/SOCKS4a/SOCKS5/HTTP/HTTPS fast proxy scanner
☆53Sep 8, 2023Updated 2 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
ssrsec / SpringBootEnvDecrypt
View on GitHub
SpringBoot获取被星号脱敏的密码的明文
☆57Dec 13, 2021Updated 4 years ago
MzzdToT / HAC_Bored_Writing
View on GitHub
各种漏洞批量扫描poc、exp，涵盖未授权、RCE、文件上传、sql注入、信息泄露等
☆290Dec 4, 2023Updated 2 years ago
YouChenJun / Keydd
View on GitHub
从流量包匹配敏感信息的工具-可用作bp、浏览器的下游代理。0感知、无卡顿，支持https。
☆287Mar 19, 2026Updated last week
LittleBear4 / Find-SomeThing
View on GitHub
红队批量脆弱点搜集工具
☆336Jun 6, 2023Updated 2 years ago
bcvgh / daydayExp-pocs
View on GitHub
daydayExp的漏洞POC仓库，慢慢更新...
☆371Nov 4, 2024Updated last year
bit4woo / Fiora
View on GitHub
Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。
☆1,276Jul 2, 2025Updated 8 months ago
yqcs / heartsk_community
View on GitHub
Hearts K-企业资产发现与脆弱性检查工具，自动化资产信息收集与漏洞扫描
☆251Dec 25, 2023Updated 2 years ago
m-sec-org / EZ
View on GitHub
EZ是一款集信息收集、端口扫描、服务暴破、URL爬虫、指纹识别、被动扫描为一体的跨平台漏洞扫描器。
☆1,034Jan 17, 2025Updated last year
orleven / Hamster
View on GitHub
Hamster是基于mitmproxy开发的异步被动扫描框架，基于http代理进行被动扫描，主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能（开发中）。
☆69Oct 31, 2024Updated last year
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
wooluo / SSlogs
View on GitHub
应急分析溯源日志工具：一个功能强大的Web日志安全分析工具，集成了规则引擎、AI智能分析和多格式报告生成，专为安全应急响应和威胁溯源而设计。
☆108Oct 28, 2025Updated 4 months ago
woodpecker-appstore / rmi-deserialization-vuldb
View on GitHub
Java RMI反序列化漏洞插件
☆49Jun 11, 2021Updated 4 years ago
iamHuFei / HVVault
View on GitHub
梳理【护网高利用率POC】并集成Nuclei模板仓库，针对解决网上同一资产漏洞一键检测工具参次不齐问题。
☆577Mar 21, 2024Updated 2 years ago
k3ppf0r / 2024-PocLib
View on GitHub
此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现，POC已通过nuclei或xray武器化,绝大部分为自复现并自验过，本项目旨在为网络安全爱好者们提供一点参考资料，可供个人研究使用，共勉
☆312Aug 14, 2024Updated last year
chushuai / wscan
View on GitHub
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
☆702Jan 6, 2026Updated 2 months ago
gh0stkey / CaA
View on GitHub
CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
☆1,443Mar 19, 2026Updated last week
Tsojan / TsojanScan
View on GitHub
An integrated BurpSuite vulnerability detection plug-in.
☆1,463Jan 29, 2026Updated last month