safesword/WebExp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

safesword/WebExp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/safesword/WebExp)

Close

safesword / WebExpView on GitHubMore

• External links
• Readme badge

2020年~2021年 网站CMS、中间件、框架系统漏洞集合

☆99Mar 3, 2021Updated 5 years ago

Alternatives and similar repositories for WebExp

Users that are interested in WebExp are comparing it to the libraries listed below

• RASSec / WebExp

  View on GitHub
  2020年~2021年 网站CMS、中间件、框架系统漏洞集合
  ☆36Mar 3, 2021Updated 5 years ago
• r0eXpeR / fingerprint

  View on GitHub
  各种工具指纹收集分享
  ☆529Nov 3, 2021Updated 4 years ago
• M-Kings / BypassAv-web

  View on GitHub
  nim一键免杀
  ☆215Mar 8, 2021Updated 4 years ago
• cckuailong / vulbase

  View on GitHub
  各大漏洞文库合集
  ☆757Oct 5, 2021Updated 4 years ago
• sf197 / GetPwd

  View on GitHub
  用CSharp写的一款信息搜集工具，目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密
  ☆251Aug 26, 2020Updated 5 years ago
• FunnyWolf / TFirewall

  View on GitHub
  防火墙出网探测工具,内网穿透型socks5代理
  ☆269Nov 12, 2021Updated 4 years ago
• Y4er / WebLogic-Shiro-shell

  View on GitHub
  WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
  ☆535Aug 25, 2020Updated 5 years ago
• Rvn0xsy / PassDecode-jar

  View on GitHub
  帆软/致远密码解密工具
  ☆360Jul 29, 2021Updated 4 years ago
• dr0op / CrossNet-Beta

  View on GitHub
  红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。
  ☆366Jun 19, 2024Updated last year
• Yihsiwei / GetOut360

  View on GitHub
  强制关闭360 需要管理员权限
  ☆171Feb 6, 2022Updated 4 years ago
• depycode / fastjson-c3p0

  View on GitHub
  fastjson不出网利用、c3p0
  ☆256Jul 30, 2021Updated 4 years ago
• hayasec / 360SafeBrowsergetpass

  View on GitHub
  这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
  ☆638Apr 4, 2021Updated 4 years ago
• zilong3033 / fastjsonScan

  View on GitHub
  fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
  ☆124May 14, 2021Updated 4 years ago
• cream-sec / JSPHorse

  View on GitHub
  结合反射调用、动态编译、BCEL、defineClass0，ScriptEngine、Expression等技术的一款免杀JSP Webshell生成工具
  ☆19Dec 16, 2021Updated 4 years ago
• NyDubh3 / Pentesting-Active-Directory-CN

  View on GitHub
  域渗透脑图中文翻译版
  ☆280Sep 18, 2021Updated 4 years ago
• idiotc4t / sharpwmi

  View on GitHub
  (批量化改造)sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆108Jan 8, 2021Updated 5 years ago
• SummerSec / AgentInjectTool

  View on GitHub
  改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
  ☆279Nov 28, 2023Updated 2 years ago
• XiaoLi996 / OA-EXP

  View on GitHub
  红队工具：各大OA利用工具，万户、致远、通达等
  ☆259Jul 23, 2021Updated 4 years ago
• AlphabugX / Alphalog

  View on GitHub
  DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。
  ☆456Aug 20, 2025Updated 6 months ago
• wgpsec / Automatic-permission-maintenance

  View on GitHub
  CobaltStrike 上线自动权限维持插件
  ☆185Jul 17, 2021Updated 4 years ago
• fengupupup / RocB

  View on GitHub
  鹏 RocB - Java代码审计IDEA插件 SAST
  ☆151Sep 16, 2021Updated 4 years ago
• YinWC / 2021hvv_vul

  View on GitHub
  2021hvv漏洞汇总
  ☆678Apr 24, 2021Updated 4 years ago
• Richard-Tang / x1DecoderPlus

  View on GitHub
  AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell
  ☆163Sep 28, 2021Updated 4 years ago
• pureqh / bypasswaf

  View on GitHub
  关于安全狗和云锁的自动化绕过脚本
  ☆522Nov 15, 2021Updated 4 years ago
• uknowsec / TailorScan

  View on GitHub
  自用缝合怪内网扫描器，支持端口扫描，识别服务，获取title，扫描多网卡，ms17010扫描，icmp存活探测。
  ☆283Nov 12, 2020Updated 5 years ago
• z1un / Z1-AggressorScripts

  View on GitHub
  适用于Cobalt Strike的插件
  ☆562May 30, 2021Updated 4 years ago
• exp1orer / JNDI-Inject-Exploit

  View on GitHub
  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
  ☆770Jan 26, 2022Updated 4 years ago
• sairson / MateuszEx

  View on GitHub
  bypass AV生成工具,目前免杀效果不是很好了，但是过个360，火绒啥的没问题
  ☆107Nov 7, 2021Updated 4 years ago
• TryGOTry / go-shellcode-webimg-load

  View on GitHub
  golang shellcode loader 远程图片隐写加载执行 无文件落地
  ☆191Feb 12, 2022Updated 4 years ago
• b0bac / GetMail

  View on GitHub
  利用NTLM Hash读取Exchange邮件
  ☆441Jan 7, 2025Updated last year
• dr0op / bufferfly

  View on GitHub
  攻防演习/渗透测试资产处理小工具，对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。
  ☆634Jun 19, 2024Updated last year
• R17a-17 / JavaVulnSummary

  View on GitHub
  Java漏洞分析汇合
  ☆142Dec 14, 2021Updated 4 years ago
• Litch1-v / behinder-clone

  View on GitHub
  魔改的冰蝎，仅供测试连接内存webshell使用
  ☆38Aug 26, 2020Updated 5 years ago
• Veraxy00 / Shiro-EXP

  View on GitHub
  Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
  ☆138Jan 20, 2021Updated 5 years ago
• Syst2m / FunnyMeterpreter

  View on GitHub
  与反病毒软件老大哥们的打闹日常
  ☆13Nov 8, 2018Updated 7 years ago
• lintstar / CS-ServerChan

  View on GitHub
  CobaltStike 挂载脚本将上线主机信息通过 Server 酱通知到微信
  ☆98Mar 6, 2023Updated 2 years ago
• safe6Sec / command

  View on GitHub
  红队常用命令速查
  ☆1,014Feb 7, 2026Updated 3 weeks ago
• Daybr4ak / C2ReverseProxy

  View on GitHub
  一款可以在不出网的环境下进行反向代理及cs上线的工具
  ☆491Apr 26, 2023Updated 2 years ago
• safesword / WindowsExp

  View on GitHub
  Windows全版本提权脚本
  ☆32Mar 3, 2021Updated 5 years ago