漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露
☆174Nov 21, 2021Updated 4 years ago
Alternatives and similar repositories for PocList
Users that are interested in PocList are comparing it to the libraries listed below
Sorting:
- TongdaOA 11.7 ~11.8 通达OA,任意用户登录+后台getshell☆86Jul 16, 2021Updated 4 years ago
- 红队工具:各大OA利用工具,万户、致远、通达等☆259Jul 23, 2021Updated 4 years ago
- POC&EXP仓库、hvv弹药库、Nday、1day☆1,101Nov 11, 2022Updated 3 years ago
- 基于Pocsuite3、goby编写的漏洞poc&exp存档☆881Apr 12, 2024Updated last year
- 各大漏洞文库合集☆757Oct 5, 2021Updated 4 years ago
- goby poc or exp,分享goby最新网络安全漏洞检测或利用代码☆633Jan 11, 2022Updated 4 years ago
- weblogic历史漏洞利用工具☆91Jul 25, 2022Updated 3 years ago
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,358Jun 9, 2023Updated 2 years ago
- 内网自动化快速打点工具|资产探测|漏洞扫描|服务扫描|弱口令爆破☆456Nov 29, 2023Updated 2 years ago
- 一款交互的免杀工具☆66Mar 20, 2022Updated 3 years ago
- 致远OA综合利用工具☆418Jun 3, 2021Updated 4 years ago
- Lateral movement☆943Feb 28, 2026Updated last week
- SpringScan 漏洞检测 Burp插件☆605Nov 14, 2023Updated 2 years ago
- 红队常用命令速查☆1,015Feb 7, 2026Updated last month
- Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang☆572Jan 10, 2022Updated 4 years ago
- VMware vCenter Server任意文件上传漏洞 / Code By:Jun_sheng☆21Jul 8, 2022Updated 3 years ago
- 集合渗透测试常用工具进行一键扫描的缝合怪☆211Aug 20, 2022Updated 3 years ago
- PoC for pocsuite3 and nuclei☆56Oct 5, 2022Updated 3 years ago
- 一个开源的、开箱即用的漏洞批量验证框架☆901Oct 24, 2025Updated 4 months ago
- Struts2漏洞扫描 Burp插件☆132Mar 21, 2023Updated 2 years ago
- python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)2021-9-13☆287Oct 28, 2024Updated last year
- OAExploit一款基于产品的一键扫描工具。☆1,481Sep 20, 2022Updated 3 years ago
- burp插件 ShiroScan 主要用于框架、无dnslog key检测,在大佬的基础上加入shiro>1.2.42(AES GCM)☆17May 6, 2021Updated 4 years ago
- 内网渗透测试工具,弱密码爆破、信息收集和漏洞扫描☆609Jan 31, 2024Updated 2 years ago
- 自用的动态代理小工具☆561Oct 30, 2023Updated 2 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- 🚀 一款为了学习go而诞生的漏洞利用工具☆450Jun 14, 2022Updated 3 years ago
- ByPassBehinder / 冰蝎WebShell免杀生成 / Code By:Tas9er☆830May 28, 2022Updated 3 years ago
- 高危漏洞精准检测与深度利用框架☆1,456Jan 8, 2023Updated 3 years ago
- X系列安全工具-AV免杀框架-BypassAV☆207Oct 6, 2022Updated 3 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,049Oct 7, 2022Updated 3 years ago
- shiro综合利用工具☆647Apr 15, 2023Updated 2 years ago
- Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-…☆1,079May 11, 2023Updated 2 years ago
- 输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具,另支持cdn识别、网页截图、站点定位;动态识别域名并添加功能、工具超时中断等☆807Mar 13, 2024Updated last year
- golang写的批量对目标网站进行截图的小工具,适合目标资产比较多时,快速定位薄弱点。☆33Oct 14, 2022Updated 3 years ago
- golang uuid-shellcode加载器,分离执行,可直接把shellcode写入程序。☆15Aug 12, 2021Updated 4 years ago
- 自研JavaFX图形化漏洞扫描工具,支持ThinkPHP 2.x RCE,Thinkphp5 5.0.22/5.1.29RCE,ThinkPHP5 5.0.23RCE和ThinkPHP5 SQL注入漏洞和敏感信息泄露漏洞的漏洞检测,以及命令执行的功能。漏洞POC基本适用Th…☆16May 19, 2022Updated 3 years ago
- spring框架漏洞扫描☆103Jan 4, 2022Updated 4 years ago
- 一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具☆1,716Dec 22, 2023Updated 2 years ago