theLSA / burp-unauth-checker
burpsuite extension for check unauthorized vulnerability
☆228Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for burp-unauth-checker
- 一款基于burp的反射xss检测插件☆151Updated 2 years ago
- A Burp Extender for checking for struts 2 RCE vulnerabilities.☆280Updated 5 months ago
- 一个子域名接管检测工具☆137Updated 3 years ago
- JSONP Hunter in burpsuite.☆207Updated 4 years ago
- ☆319Updated 3 years ago
- 🐸Unauthorized Detection Framework未授权访问检测框架☆158Updated 10 months ago
- 用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件☆201Updated last year
- 域渗透脑图中文翻译版☆276Updated 3 years ago
- 扫描jboss常见漏洞路径是否存在。☆81Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆112Updated 3 years ago
- BurpBounty插件的配置文件收集项目☆140Updated 3 years ago
- 批量检测log4j漏洞,主要还是批量fuzzz 头☆33Updated 2 years ago
- burpsuite extension for extract information from data☆84Updated 5 months ago
- Shiro-721 RCE Via RememberMe Padding Oracle Attack☆254Updated 4 years ago
- Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】☆236Updated 2 years ago
- 《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!☆195Updated last year
- Redis-Attack By Replication (通过主从复制攻击Redis)☆315Updated last year
- fastjson 被动 扫描、不出网payload生成☆369Updated 2 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆349Updated 3 years ago
- 致力于收集Goby PoC,请勿用于非法操作,后果自负。☆248Updated 2 years ago
- 扫描常见未授权访问(redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop)☆185Updated 4 years ago
- AWS云平台 AccessKey 泄漏利用工具☆345Updated last year
- 一个自动化bypass 403/auth的Burpsuite插件☆180Updated 2 years ago
- CVE-2022-22947☆220Updated 2 years ago
- ☆489Updated 2 years ago
- 🧬 辅助生成 XRay YAML POC☆261Updated last year
- CVE-2020-14882_ALL综合利用工具,支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。☆144Updated 2 years ago
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆237Updated last year
- 集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;使用oneforall自动遍历子域名并扫描;☆116Updated 3 years ago