对接JNDIMonitor的Burp Suite被动扫描插件
☆26Dec 16, 2021Updated 4 years ago
Alternatives and similar repositories for log4jScan_Modify
Users that are interested in log4jScan_Modify are comparing it to the libraries listed below
Sorting:
- 利用xray高级版批量收集子域名☆18Feb 19, 2020Updated 6 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆293Apr 7, 2023Updated 2 years ago
- 批量处理url链接,获取多级路径并打印☆47Jul 12, 2023Updated 2 years ago
- 从github爬取路径然后生成字典用来爆破,针对利用开源github搭建的网站的路径提取☆27Aug 20, 2022Updated 3 years ago
- Burp extension to allow you to highlight Repeater tabs.☆10Jun 14, 2021Updated 4 years ago
- Dnslog Interactsh的Py版接口查询☆13Dec 10, 2021Updated 4 years ago
- 可以从公开仓库直接拖取镜像的一个小工具 方便直接解包审计代码☆13Feb 11, 2023Updated 3 years ago
- 破产版免杀☆52Oct 2, 2021Updated 4 years ago
- 这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go☆116Aug 30, 2022Updated 3 years ago
- TaiO 的定位是一款用于攻击方对靶标资产梳理,快速定位脆弱资产的网络空间测绘工具☆75Mar 9, 2022Updated 3 years ago
- 就是一个练习Java反序列化的最简单环境☆14Dec 24, 2021Updated 4 years ago
- 用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件☆213Apr 18, 2023Updated 2 years ago
- A burp extension, check Sturts2 RCE through passive scan.一款检测Struts2 RCE漏洞的burp被动扫描插件~☆15Dec 9, 2020Updated 5 years ago
- Fast http batch request tool☆106Feb 25, 2023Updated 3 years ago
- 字节码工具☆31Sep 19, 2022Updated 3 years ago
- Windows活动目录中的LDAP信息收集工具☆234Oct 9, 2021Updated 4 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。☆120Jul 11, 2019Updated 6 years ago
- 0DayList☆15Apr 4, 2022Updated 3 years ago
- 泛微OA_V9全版本的SQL远程代码执行漏洞☆157Apr 20, 2022Updated 3 years ago
- python编写的多个通达常见漏洞exp☆38Aug 26, 2021Updated 4 years ago
- 根据多个不同地区进行聚合查询以获取更多 fofa 数据☆28Jul 24, 2023Updated 2 years ago
- 用来存放平时写的一些net内存马,仅用于练手,需要可以自行修改☆89May 3, 2022Updated 3 years ago
- 一个Spring4Shell 被动式检测的Burp插件☆93Apr 8, 2022Updated 3 years ago
- 自动提取主域名/IP,并调用fofa、quake、hunter等网络资产测绘系统搜集子域名,可配合指纹扫描工具达到快速资产整理☆73Dec 5, 2024Updated last year
- burp插件 ShiroScan 主要用于框架、无dnslog key检测,在大佬的基础上加入shiro>1.2.42(AES GCM)☆17May 6, 2021Updated 4 years ago
- Use Fofa、shodan、zoomeye、360quake to collect information(e.g:domain,IP,CMS,OS)同时调用Fofa、shodan、zoomeye、360quake四个网络空间测绘API完成红队信息收集☆71Nov 13, 2023Updated 2 years ago
- Redis 未授权检测,密码爆破,Webshell写入,SSH公私钥写入,定时计划反弹Shell.☆126Mar 17, 2021Updated 4 years ago
- CobaltStrike4.4 一键部署脚本 随机生成密码、key、端口号、证书等,解决cs4.x无法运行在Linux上报错问题 灰常银杏化设计☆286Mar 19, 2022Updated 3 years ago
- 自己辅助渗透用的小工具(真心小工具)☆48Sep 3, 2022Updated 3 years ago
- 将域名转为ip段权重☆215Mar 14, 2023Updated 2 years ago
- 批量检测log4j漏洞,主要还是批量fuzzz 头☆33Dec 12, 2021Updated 4 years ago
- 对naabu的端口扫描结果,调用nmap进行指纹识别☆17Dec 28, 2021Updated 4 years ago
- ☆72Jul 4, 2023Updated 2 years ago
- 一些常见字典☆174Aug 19, 2021Updated 4 years ago
- AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike☆143Apr 7, 2024Updated last year
- ☆37Aug 25, 2020Updated 5 years ago
- 一个垃圾利用工具,半自动发包机器☆228Sep 8, 2022Updated 3 years ago
- FinalShellDecodePass 加密解密☆83Dec 1, 2021Updated 4 years ago
- confluence CVE-2023-22527 漏洞利用工具,支持冰蝎/哥斯拉内存马注入,支持设置 http 代理☆41Apr 24, 2024Updated last year