Reference:https://www.w2n1ck.com/article/44/
☆155Mar 7, 2020Updated 6 years ago
Alternatives and similar repositories for BurpSuite-Extender-fastjson
Users that are interested in BurpSuite-Extender-fastjson are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CommonsBeanutils1,CommonsCollectionsK1☆58Nov 16, 2020Updated 5 years ago
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆499Feb 13, 2020Updated 6 years ago
- ☆318Jun 4, 2021Updated 4 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。☆221Sep 30, 2019Updated 6 years ago
- 对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描☆913Dec 8, 2022Updated 3 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- 从wooyun中提取的payload,以及burp插件☆841Jun 17, 2022Updated 3 years ago
- cobaltstrike ms17-010 module and some other☆418Jun 13, 2019Updated 6 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆229Oct 12, 2022Updated 3 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆125May 14, 2021Updated 4 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆987Mar 4, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 修改frp支持域前置与配置文件自删除☆397Dec 31, 2020Updated 5 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,953Jun 4, 2021Updated 4 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆712May 10, 2021Updated 4 years ago
- SRC子域名资产监控☆1,298Jan 14, 2021Updated 5 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆663Feb 24, 2021Updated 5 years ago
- Tomcat-Ajp协议文件读取漏洞☆797Mar 3, 2020Updated 6 years ago
- shiro 反序列 命令执行辅助检测工具☆1,566May 21, 2024Updated last year
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆400Jan 24, 2025Updated last year
- Weblogic IIOP CVE-2020-2551☆338Apr 7, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf☆717Jul 20, 2022Updated 3 years ago
- EHole(棱洞)-红队重点攻击系统指纹探测工具☆471Jan 27, 2021Updated 5 years ago
- Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测☆521May 21, 2020Updated 5 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- More Easier Burp Extension To Solve Javascript Front End Encryption,一款更易使用的解决前端加密问题的Burp插件。☆46Apr 15, 2020Updated 5 years ago
- 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。☆502Jan 30, 2024Updated 2 years ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆357Mar 12, 2020Updated 6 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆896May 28, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Burpsuite-Plugins-Usage☆517Apr 7, 2020Updated 5 years ago
- 一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具☆740Dec 8, 2022Updated 3 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Burp suite 分块传输辅助插件☆2,029Feb 23, 2022Updated 4 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆219Jun 4, 2021Updated 4 years ago
- bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统☆1,510Nov 22, 2022Updated 3 years ago
- 这个脚本主要提供对Exchange邮件服务器的账户爆破功能,集成了现有主流接口的爆破方式。☆339May 22, 2023Updated 2 years ago