sqlsec/upload-labs-docker

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sqlsec/upload-labs-docker)

sqlsec / upload-labs-docker

国光的文件上传靶场，基于 upload-labs 定制

☆207

Alternatives and similar repositories for upload-labs-docker

Users that are interested in upload-labs-docker are comparing it to the libraries listed below

Sorting:

sqlsec / ssrf-vuls
View on GitHub
国光的手把手带你用 SSRF 打穿内网靶场源码
☆409May 10, 2021Updated 4 years ago
li8u99 / AWD-WebKiller
View on GitHub
适用AWD-WEB的各种场景下的攻击框架。
☆22May 26, 2023Updated 2 years ago
ffffffff0x / f8x
View on GitHub
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
☆2,087Jan 27, 2026Updated last month
xiecat / sylas
View on GitHub
根据多个不同地区进行聚合查询以获取更多 fofa 数据
☆28Jul 24, 2023Updated 2 years ago
bigsizeme / shiro-check
View on GitHub
Shiro反序列化回显利用、内存shell、检查 Burp插件
☆217Sep 1, 2022Updated 3 years ago
NHPT / FireEyeGoldCrystal
View on GitHub
一个GitHub监控和信息收集工具，支持监控和收集CVE、免杀、漏洞利用等内置关键字和自定义关键字。
☆355Jul 25, 2024Updated last year
smxiazi / NEW_xp_CAPTCHA
View on GitHub
xp_CAPTCHA(瞎跑白嫖版) burp 验证码识别 burp插件
☆1,033Oct 11, 2024Updated last year
c0ny1 / xxe-lab
View on GitHub
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
☆816Nov 28, 2022Updated 3 years ago
tangxiaofeng7 / SecExample
View on GitHub
JAVA 漏洞靶场 (Vulnerability Environment For Java)
☆482Jul 15, 2021Updated 4 years ago
SwagXz / encrypt-labs
View on GitHub
前端加密对抗练习靶场，包含非对称加密、对称加密、加签以及禁止重放的测试场景，比如AES、DES、RSA，用于渗透测试练习
☆548Jun 17, 2025Updated 8 months ago
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,238Oct 1, 2022Updated 3 years ago
gh0stkey / HaE
View on GitHub
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
☆4,046Updated this week
ScriptKid-Beta / Unexpected_information
View on GitHub
Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
☆688Jan 4, 2021Updated 5 years ago
13exp / SpringBoot-Scan-GUI
View on GitHub
☆618Nov 27, 2023Updated 2 years ago
le31ei / ctf_challenges
View on GitHub
适用于一线安服的ctf培训题目，全docker环境一键启动
☆553Nov 8, 2023Updated 2 years ago
lanyi1998 / DNSlog-GO
View on GitHub
DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具，自带WEB界面 / DNSLog-GO is a monitoring tool written in Golang that monitors DNS resolution records. It …
☆1,273Jan 21, 2026Updated last month
zzhorc / tomcat_memshell_scanner0.2
View on GitHub
tomcat的servlet、filter、listener内存马查杀工具
☆38Sep 20, 2023Updated 2 years ago
0xs1riu5 / vulawdhub
View on GitHub
该项目是利用docker技术创建的有漏洞的cms环境集合，可以进行练习
☆197Apr 19, 2023Updated 2 years ago
yhy0 / AVByPass
View on GitHub
一款Web在线自动免杀工具
☆189Mar 1, 2024Updated 2 years ago
theLSA / emergency-response-checklist
View on GitHub
应急响应指南 / emergency response checklist
☆708Mar 13, 2020Updated 5 years ago
fofapro / vulfocus
View on GitHub
🚀Vulfocus 是一个漏洞集成平台，将漏洞环境 docker 镜像，放入即可使用，开箱即用。
☆3,434Sep 9, 2025Updated 5 months ago
c0ny1 / vulstudy
View on GitHub
使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。
☆2,420Mar 25, 2020Updated 5 years ago
gh0stkey / Web-Fuzzing-Box
View on GitHub
Web Fuzzing Box - Web 模糊测试字典与一些Payloads
☆2,444May 28, 2025Updated 9 months ago
Mochazz / ThinkPHP-Vuln
View on GitHub
关于ThinkPHP框架的历史漏洞分析集合
☆1,118Jan 18, 2020Updated 6 years ago
rtcatc / Packer-Fuzzer
View on GitHub
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…
☆3,209May 24, 2024Updated last year
KimJun1010 / WeblogicTool
View on GitHub
WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
☆1,773Nov 1, 2023Updated 2 years ago
kelvinBen / AppInfoScanner
View on GitHub
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN…
☆3,510Dec 18, 2022Updated 3 years ago
jayus0821 / swagger-hack
View on GitHub
自动化爬取并自动测试所有swagger接口
☆1,162Dec 1, 2025Updated 3 months ago
woodpecker-framework / woodpecker-framework-release
View on GitHub
高危漏洞精准检测与深度利用框架
☆1,456Jan 8, 2023Updated 3 years ago
c0ny1 / upload-labs
View on GitHub
一个想帮你总结所有类型的上传漏洞的靶场
☆4,124Jun 26, 2023Updated 2 years ago
momosecurity / FindSomething
View on GitHub
基于chrome、firefox插件的被动式信息泄漏检测工具
☆1,381Nov 17, 2024Updated last year
Maskhe / FastjsonScan
View on GitHub
一个简单的Fastjson反序列化检测burp插件
☆970Jun 18, 2021Updated 4 years ago
dark-kingA / superSearchPlus
View on GitHub
superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集敏感信息提取 js资源扫描目录扫描 vue组件扫描整合了目前常见的资产测绘平台专为白帽子提供快速侦测目标。
☆1,435Dec 16, 2024Updated last year
fKzhangsa / FilterJs
View on GitHub
Burp的JS API接口过滤插件
☆127Dec 27, 2023Updated 2 years ago
hongriSec / PHP-Audit-Labs
View on GitHub
一个关于PHP的代码审计项目
☆1,909Sep 17, 2019Updated 6 years ago
c0ny1 / upload-fuzz-dic-builder
View on GitHub
上传漏洞fuzz字典生成脚本
☆1,270Apr 1, 2021Updated 4 years ago
whgojp / JavaSecLab
View on GitHub
JavaSecLab is a comprehensive Java vulnerability platform｜ JavaSecLab是一款综合型Java漏洞平台，提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范，覆盖多种漏洞场景，友好用户交互U…
☆812Mar 23, 2025Updated 11 months ago
Kento-Sec / AsamF
View on GitHub
AsamF是集成Fofa、Quake、Hunter、Shodan、Zoomeye、Chinaz、0.zone及爱企查的一站式企业信息资产收集、网络资产测绘工具。
☆586Aug 24, 2023Updated 2 years ago
aw220 / InOne
View on GitHub
一个BurpSuite插件，想法是简化日常挖洞流程
☆14Jun 28, 2022Updated 3 years ago