safesword/WebExp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/safesword/WebExp)

safesword / WebExp

2020年~2021年网站CMS、中间件、框架系统漏洞集合

☆101

Alternatives and similar repositories for WebExp

Users that are interested in WebExp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

RASSec / WebExp
View on GitHub
2020年~2021年网站CMS、中间件、框架系统漏洞集合
☆36Mar 3, 2021Updated 5 years ago
M-Kings / BypassAv-web
View on GitHub
nim一键免杀
☆216Mar 8, 2021Updated 5 years ago
r0eXpeR / fingerprint
View on GitHub
各种工具指纹收集分享
☆529Nov 3, 2021Updated 4 years ago
safesword / WindowsExp
View on GitHub
Windows全版本提权脚本
☆32Mar 3, 2021Updated 5 years ago
cckuailong / vulbase
View on GitHub
各大漏洞文库合集
☆759Oct 5, 2021Updated 4 years ago
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
sf197 / GetPwd
View on GitHub
用CSharp写的一款信息搜集工具，目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密
☆251Aug 26, 2020Updated 5 years ago
FunnyWolf / TFirewall
View on GitHub
防火墙出网探测工具,内网穿透型socks5代理
☆270Nov 12, 2021Updated 4 years ago
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆534Aug 25, 2020Updated 5 years ago
sairson / MateuszEx
View on GitHub
bypass AV生成工具,目前免杀效果不是很好了，但是过个360，火绒啥的没问题
☆106Nov 7, 2021Updated 4 years ago
Rvn0xsy / PassDecode-jar
View on GitHub
帆软/致远密码解密工具
☆360Jul 29, 2021Updated 4 years ago
hayasec / 360SafeBrowsergetpass
View on GitHub
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
☆637Apr 4, 2021Updated 5 years ago
depycode / fastjson-c3p0
View on GitHub
fastjson不出网利用、c3p0
☆257Jul 30, 2021Updated 4 years ago
Yihsiwei / GetOut360
View on GitHub
强制关闭360 需要管理员权限
☆171Feb 6, 2022Updated 4 years ago
zilong3033 / fastjsonScan
View on GitHub
fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
☆126May 14, 2021Updated 4 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
dr0op / CrossNet-Beta
View on GitHub
红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。
☆367Jun 19, 2024Updated last year
NyDubh3 / Pentesting-Active-Directory-CN
View on GitHub
域渗透脑图中文翻译版
☆281Sep 18, 2021Updated 4 years ago
TryGOTry / go-shellcode-webimg-load
View on GitHub
golang shellcode loader 远程图片隐写加载执行无文件落地
☆191Feb 12, 2022Updated 4 years ago
fengupupup / RocB
View on GitHub
鹏 RocB - Java代码审计IDEA插件 SAST
☆151Sep 16, 2021Updated 4 years ago
idiotc4t / sharpwmi
View on GitHub
(批量化改造)sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
☆109Jan 8, 2021Updated 5 years ago
Litch1-v / behinder-clone
View on GitHub
魔改的冰蝎，仅供测试连接内存webshell使用
☆38Aug 26, 2020Updated 5 years ago
SummerSec / AgentInjectTool
View on GitHub
改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
☆280Nov 28, 2023Updated 2 years ago
cream-sec / JSPHorse
View on GitHub
结合反射调用、动态编译、BCEL、defineClass0，ScriptEngine、Expression等技术的一款免杀JSP Webshell生成工具
☆19Dec 16, 2021Updated 4 years ago
b0bac / GetMail
View on GitHub
利用NTLM Hash读取Exchange邮件
☆443Mar 23, 2026Updated 3 weeks ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆775Jan 26, 2022Updated 4 years ago
XiaoLi996 / OA-EXP
View on GitHub
红队工具：各大OA利用工具，万户、致远、通达等
☆260Jul 23, 2021Updated 4 years ago
AlphabugX / Alphalog
View on GitHub
DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。
☆457Aug 20, 2025Updated 7 months ago
Maskhe / CVE-2020-15148-bypasses
View on GitHub
几条关于CVE-2020-15148（yii2反序列化）的绕过
☆75Sep 21, 2020Updated 5 years ago
pmiaowu / log4j2Scan
View on GitHub
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
☆212Apr 18, 2023Updated 2 years ago
pureqh / bypasswaf
View on GitHub
关于安全狗和云锁的自动化绕过脚本
☆524Nov 15, 2021Updated 4 years ago
YinWC / 2021hvv_vul
View on GitHub
2021hvv漏洞汇总
☆678Apr 24, 2021Updated 4 years ago
r0eXpeR / supplier
View on GitHub
主流供应商的一些攻击性漏洞汇总
☆808Nov 8, 2021Updated 4 years ago
uknowsec / TailorScan
View on GitHub
自用缝合怪内网扫描器，支持端口扫描，识别服务，获取title，扫描多网卡，ms17010扫描，icmp存活探测。
☆284Nov 12, 2020Updated 5 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
NS-Sp4ce / AliyunAccessKeyTools
View on GitHub
阿里云AccessKey泄漏利用工具
☆152Jul 16, 2021Updated 4 years ago
Veraxy00 / Shiro-EXP
View on GitHub
Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
☆139Jan 20, 2021Updated 5 years ago
dr0op / bufferfly
View on GitHub
攻防演习/渗透测试资产处理小工具，对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。
☆635Jun 19, 2024Updated last year
zu1k / ldap-log
View on GitHub
一个LDAP请求监听器，摆脱dnslog平台和java
☆35Feb 4, 2023Updated 3 years ago
z1un / Z1-AggressorScripts
View on GitHub
适用于Cobalt Strike的插件
☆563May 30, 2021Updated 4 years ago
lintstar / CS-ServerChan
View on GitHub
CobaltStike 挂载脚本将上线主机信息通过 Server 酱通知到微信
☆99Mar 6, 2023Updated 3 years ago
0x727 / SqlKnife_0x727
View on GitHub
适合在命令行中使用的轻巧的SQL Server数据库安全检测工具
☆432Oct 23, 2021Updated 4 years ago