漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露
☆174Nov 21, 2021Updated 4 years ago
Alternatives and similar repositories for PocList
Users that are interested in PocList are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- TongdaOA 11.7 ~11.8 通达OA,任意用户登录+后台getshell☆86Jul 16, 2021Updated 4 years ago
- 红队工具:各大OA利用工具,万户、致远、通达等☆259Jul 23, 2021Updated 4 years ago
- 渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetrat…☆28Jul 23, 2020Updated 5 years ago
- POC&EXP仓库、hvv弹药库、Nday、1day☆1,103Nov 11, 2022Updated 3 years ago
- 基于Pocsuite3、goby编写的漏洞poc&exp存档☆884Apr 12, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- 各大漏洞文库合集☆757Oct 5, 2021Updated 4 years ago
- goby poc or exp,分享goby最新网络安全漏洞检测或利用代码☆632Jan 11, 2022Updated 4 years ago
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,357Jun 9, 2023Updated 2 years ago
- weblogic历史漏洞利用工具☆91Jul 25, 2022Updated 3 years ago
- 一款交互的免杀工具☆66Mar 20, 2022Updated 4 years ago
- PoC for pocsuite3 and nuclei☆56Oct 5, 2022Updated 3 years ago
- Lateral Movement☆943Updated this week
- SpringScan 漏洞检测 Burp插件☆606Nov 14, 2023Updated 2 years ago
- 致远OA综合利用工具☆418Jun 3, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- 内网自动化快速打点工具|资产探测|漏洞扫描|服务扫描|弱口令爆破☆456Nov 29, 2023Updated 2 years ago
- 集合渗透测试常用工具进行一键扫描的缝合怪☆211Aug 20, 2022Updated 3 years ago
- 内网渗透测试工具,弱密码爆破、信息收集和漏洞扫描☆611Jan 31, 2024Updated 2 years ago
- 一个开源的、开箱即用的漏洞批量验证框架☆903Oct 24, 2025Updated 5 months ago
- 2021hvv漏洞汇总☆678Apr 24, 2021Updated 4 years ago
- OAExploit一款基于产品的一键扫描工具。☆1,480Sep 20, 2022Updated 3 years ago
- 红队常用命令速查☆1,017Mar 17, 2026Updated last week
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,051Oct 7, 2022Updated 3 years ago
- VMware vCenter Server任意文件上传漏洞 / Code By:Jun_sheng☆21Jul 8, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang☆571Jan 10, 2022Updated 4 years ago
- 高危漏洞精准检测与深度利用框架☆1,459Jan 8, 2023Updated 3 years ago
- 输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具,另支持cdn识别、网页截图、站点定位;动态识别域名并添加功能、工具超时中断等☆807Mar 13, 2024Updated 2 years ago
- X系列安全工具-AV免杀框架-BypassAV☆207Oct 6, 2022Updated 3 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- 🚀 一款为了学习go而诞生的漏洞利用工具☆451Jun 14, 2022Updated 3 years ago
- 强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis…☆1,596Jul 27, 2022Updated 3 years ago
- python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)2021-9-13☆287Oct 28, 2024Updated last year
- 批量ShiroKey检测爆破工具☆308Jan 4, 2023Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-…☆1,078May 11, 2023Updated 2 years ago
- Struts2漏洞扫描 Burp插件☆131Mar 21, 2023Updated 3 years ago
- 研究利用golang各种姿势bypassAV☆817Apr 11, 2022Updated 3 years ago
- golang写的批量对目标网站进行截图的小工具,适合目标资产比较多时,快速定位薄弱点。☆33Oct 14, 2022Updated 3 years ago
- 一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具☆1,715Dec 22, 2023Updated 2 years ago
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆830Aug 4, 2023Updated 2 years ago
- FofaMap v2.0 是一款基于 Python3 开发的全网首个 AI 驱动红队资产测绘智能体。在延续原有 FOFA 数据采集、存活检测、统计聚合、图标 Hash 及批量查询等核心功能的基础上,2.0 版本原生支持 MCP 协议,可无缝接入 Cursor、Claude …☆622Updated this week