prakharathreya / Struts2-RCE
A Burp Extender for checking for struts 2 RCE vulnerabilities.
☆281Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for Struts2-RCE
- burpsuite extension for check unauthorized vulnerability☆228Updated 4 years ago
- 一款基于burp的反射xss检测插件☆151Updated 2 years ago
- 用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件☆201Updated last year
- burp插件 ShiroScan 主要用于框架、无dnslog key检测☆372Updated last year
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆113Updated 3 years ago
- Redis-Attack By Replication (通过主从复制攻击Redis)☆316Updated last year
- ☆319Updated 3 years ago
- CVE-2022-22947☆220Updated 2 years ago
- JSONP Hunter in burpsuite.☆208Updated 4 years ago
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆237Updated last year
- 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新☆263Updated 2 years ago
- 致力于收集Goby PoC,请勿用于非法操作,后果自负。☆248Updated 2 years ago
- 用于host碰撞而生的小工具,专门检测渗透中需要绑定hosts才能访问的主机或内部系统☆591Updated 5 months ago
- 域信息收集工具☆383Updated 2 years ago
- 基于burpsuite的资产分析工具☆427Updated last year
- 域渗透脑图中文翻译版☆276Updated 3 years ago
- 批量检测log4j漏洞,主要还是批量fuzzz 头☆33Updated 2 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI��项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆349Updated 3 years ago
- ☆333Updated 2 years ago
- 🐸Unauthorized Detection Framework未授权访问检测框架☆158Updated 11 months ago
- fastjson 被动扫描、不出网payload生成☆369Updated 3 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆283Updated last year
- Apache Solr Exploits 🌟☆336Updated 4 years ago
- 面向HW的红队半自动扫描器☆220Updated 2 years ago
- 个人整理的一些域渗透Tricks,可能有一些错误。☆246Updated 3 years ago
- 《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!☆194Updated last year
- ☆492Updated 2 years ago
- 一个高度可定制化的JNDI和Java反序列化利用工具☆447Updated last year
- AWS云平台 AccessKey 泄漏利用工具☆348Updated last year