Reference:https://www.w2n1ck.com/article/44/
☆155Mar 7, 2020Updated 5 years ago
Alternatives and similar repositories for BurpSuite-Extender-fastjson
Users that are interested in BurpSuite-Extender-fastjson are comparing it to the libraries listed below
Sorting:
- CommonsBeanutils1,CommonsCollectionsK1☆58Nov 16, 2020Updated 5 years ago
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆498Feb 13, 2020Updated 6 years ago
- ☆318Jun 4, 2021Updated 4 years ago
- 读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。☆221Sep 30, 2019Updated 6 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- 在��渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 3 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆968Jun 16, 2024Updated last year
- 对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描☆915Dec 8, 2022Updated 3 years ago
- cobaltstrike ms17-010 module and some other☆419Jun 13, 2019Updated 6 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆229Oct 12, 2022Updated 3 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆663Feb 24, 2021Updated 5 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆124May 14, 2021Updated 4 years ago
- 从wooyun中提取的payload,以及burp插件☆842Jun 17, 2022Updated 3 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- 修改frp支持域前置与配置文件自删除☆397Dec 31, 2020Updated 5 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆987Mar 4, 2021Updated 5 years ago
- SRC子域名资产监控☆1,299Jan 14, 2021Updated 5 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,951Jun 4, 2021Updated 4 years ago
- Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测☆522May 21, 2020Updated 5 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆711May 10, 2021Updated 4 years ago
- Tomcat-Ajp协议文件读取漏洞☆797Mar 3, 2020Updated 6 years ago
- 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。☆501Jan 30, 2024Updated 2 years ago
- 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf☆717Jul 20, 2022Updated 3 years ago
- 一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具☆738Dec 8, 2022Updated 3 years ago
- Shiro-550 不依赖CC链利用工具☆451Jun 19, 2024Updated last year
- EHole(棱洞)-红队重点攻击系统指纹探测工具☆471Jan 27, 2021Updated 5 years ago
- shiro 反序列 命令执行辅助检测工具☆1,563May 21, 2024Updated last year
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- More Easier Burp Extension To Solve Javascript Front End Encryption,一款更易使用的解决前端加密问题的Burp插件。☆46Apr 15, 2020Updated 5 years ago
- Weblogic IIOP CVE-2020-2551☆339Apr 7, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- Burpsuite-Plugins-Usage☆518Apr 7, 2020Updated 5 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆896May 28, 2021Updated 4 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- 这是一个抓取浏览器密码的工具,后续会添加更多功能☆1,455May 21, 2022Updated 3 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago