sry309 / XXE-Payload

Related projects ⓘ

Alternatives and complementary repositories for XXE-Payload

• zer0yu / Open-PoC
  PoC for pocsuite3 and nuclei
  ☆55Updated 2 years ago
• sv3nbeast / X-AutoXray
  AutoScan 有多个目标时，多线程调用xray+rad进行自动扫描
  ☆88Updated 2 years ago
• 7dog7 / RuleSubDomain
  规则组合子域名字典生成
  ☆27Updated 4 years ago
• KpLi0rn / DeserializeAll
  一个简单的批量反编译jar包的小脚本
  ☆30Updated 2 years ago
• Al1ex / Hadoop-Yarn-ResourceManager-RCE
  Hadoop Yan ResourceManager unauthorized RCE
  ☆34Updated 2 years ago
• Maskhe / BugBountyNotes
  简单记录下自己在挖掘SRC
  ☆31Updated 4 years ago
• ox01024 / Wwaf
  Wwaf is a small tool for identifying Web application firewall (WAF) products.
  ☆24Updated last year
• test502git / Hosts_scanV2
  这是一个用于IP和域名碰撞匹配访问的小工具优化版，能减少碰撞中出来的误报，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆45Updated 3 years ago
• jx4321 / vuldirscan
  一个介于目录扫描与poc验证之间的新生儿
  ☆20Updated last year
• lu2ker / ApiHelper
  一款BurpSuite插件，辅助手工测试
  ☆71Updated last year
• Whoopsunix / nacosScan
  nacos api bypass & jwt bypass & get all configs
  ☆37Updated last year
• cckuailong / YarnRpcRCE
  ☆81Updated 3 years ago
• Captain0X / HunterUrls
  ☆15Updated last year
• No4l / Burp4SSRF
  burp extension for SSRF
  ☆25Updated last year
• woodpecker-framework / woodpecker-requests
  woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
  ☆67Updated last year
• Aur0ra-m / Autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆29Updated 11 months ago
• chroblert / JC-AntiToken
  burp插件：python版，token防重放绕过
  ☆19Updated 3 years ago
• M1k0er / SSRF-SCAN
  一款被动扫描ssrf的burpsuite插件
  ☆20Updated last year
• JohnnyZhouX / Intranet-Hacking
  内网渗透相关总结
  ☆37Updated 3 years ago
• ShangRui-hash / bucket-takeover-lab
  子域名接管的几种变体靶场
  ☆22Updated 5 months ago
• coffeehb / Spring4Shell
  一个Spring4Shell 被动式检测的Burp插件
  ☆93Updated 2 years ago
• Y0-kan / Log4jShell-Scan
  log4j2 RCE漏洞（CVE-2021-44228)内网扫描器，可用于在不出网的条件下进行漏洞扫描，帮助企业内部快速发现Log4jShell漏洞。
  ☆36Updated 2 years ago
• smilexxfire / AssertManager
  手动收集各大SRC平台主域名，通过程序自动处理以格式化存入数据库中，便于配合其它信息搜集工具进一步测试。
  ☆29Updated last month
• A0WaQ4 / BurpCRLFScan
  使用java编写的CRLF-Injection-burp被动扫描插件
  ☆44Updated last year
• pmiaowu / BurpHttpForwardRequests
  burp-http请求转发至其他模块的插件
  ☆76Updated 4 years ago
• uknowsec / WeChatMsg
  修改https://github.com/LC044/WeChatMsg 实现离线解密展示聊天记录
  ☆28Updated 10 months ago
• Getshell / PassiveScan
  PassiveScan-被动扫描之巅
  ☆66Updated 11 months ago
• epony4c / urldict
  ☆24Updated last year