wgpsec/cloudsword external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

wgpsec/cloudsword

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/wgpsec/cloudsword)

Close

wgpsec / cloudswordView on GitHubMore

• External links
• Readme badge

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

☆604Feb 3, 2026Updated 3 months ago

Alternatives and similar repositories for cloudsword

Users that are interested in cloudsword are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• wgpsec / lc

  View on GitHub
  LC（List Cloud）是一个多云攻击面资产梳理工具
  ☆641Oct 6, 2024Updated last year
• ReaJason / MemShellParty

  View on GitHub
  一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率
  ☆1,465Apr 26, 2026Updated 3 weeks ago
• DeEpinGh0st / MDUT-Extend-Release

  View on GitHub
  MDUT-Extend(扩展版本)
  ☆923Mar 27, 2026Updated last month
• vulhub / java-chains

  View on GitHub
  Java Vulnerability Exploitation Platform
  ☆2,056Apr 29, 2026Updated 3 weeks ago
• zema1 / suo5

  View on GitHub
  高性能 HTTP 正向代理工具 | A high-performance http tunneling tool
  ☆2,718Feb 2, 2026Updated 3 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• lintstar / SharpHunter

  View on GitHub
  Automated Hosting Information Hunting Tool - Windows 主机信息自动化狩猎工具
  ☆551Apr 15, 2025Updated last year
• SpringKill-team / CodeAuditAssistant

  View on GitHub
  🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sink…
  ☆786Mar 14, 2026Updated 2 months ago
• dark-kingA / cloudTools

  View on GitHub
  云资产管理工具 目前工具定位是云安全相关工具，目前是两个模块 云存储工具、云服务工具， 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务工具主要是针对rds、服务器的管理，查看、执行命令、接管等等
  ☆1,155Feb 26, 2026Updated 2 months ago
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,191Aug 21, 2025Updated 9 months ago
• Phelaine / SinkFinder

  View on GitHub
  闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数
  ☆510Jan 12, 2026Updated 4 months ago
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆560Feb 1, 2024Updated 2 years ago
• whwlsfb / JDumpSpider

  View on GitHub
  HeapDump敏感信息提取工具
  ☆1,657Dec 15, 2025Updated 5 months ago
• qwqdanchun / Pillager

  View on GitHub
  Pillager是一个适用于后渗透期间的信息收集工具
  ☆1,283Sep 7, 2024Updated last year
• KimJun1010 / WeblogicTool

  View on GitHub
  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
  ☆1,786Nov 1, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• chainreactors / gogo

  View on GitHub
  面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams
  ☆2,054May 9, 2026Updated last week
• UzJu / Cloud-Bucket-Leak-Detection-Tools

  View on GitHub
  六大云存储，泄露利用检测工具
  ☆1,252Mar 28, 2025Updated last year
• yulate / jdbc-tricks

  View on GitHub
  《深入JDBC安全：特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…
  ☆586Feb 7, 2026Updated 3 months ago
• libaibaia / cloudSec

  View on GitHub
  云安全利用工具-云平台AK/SK-WEB利用工具，添加AK/SK自动检测资源，无需手动执行，支持云服务器、存储桶、数据库操作
  ☆595Dec 19, 2024Updated last year
• Lotus6 / JavaGadgetGenerator

  View on GitHub
  JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
  ☆569Apr 3, 2026Updated last month
• leveryd / x-waf

  View on GitHub
  让"WAF绕过"变得简单
  ☆436Jan 26, 2025Updated last year
• wh1t3zer / SpringBootVul-GUI

  View on GitHub
  一个半自动化springboot打点工具，内置目前springboot所有漏洞
  ☆779Sep 30, 2025Updated 7 months ago
• lintstar / CS-AutoPostChain

  View on GitHub
  基于 OPSEC 的 CobaltStrike 后渗透自动化链
  ☆453Mar 11, 2024Updated 2 years ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,473Apr 25, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• shmilylty / netspy

  View on GitHub
  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）
  ☆2,219Jul 25, 2023Updated 2 years ago
• wa1ki0g / NoAuth

  View on GitHub
  java-web 自动化鉴权绕过
  ☆380Apr 3, 2025Updated last year
• c0olw / NacosRce

  View on GitHub
  Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用
  ☆850Jul 7, 2023Updated 2 years ago
• saoshao / DetSql

  View on GitHub
  Burp插件，快速探测可能存在SQL注入的请求并标记，提高测试效率
  ☆797Feb 26, 2026Updated 2 months ago
• SexyBeast233 / SecDictionary

  View on GitHub
  实战沉淀字典
  ☆1,553Mar 17, 2026Updated 2 months ago
• jar-analyzer / jar-analyzer

  View on GitHub
  Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发…
  ☆2,079May 10, 2026Updated last week
• vaycore / OneScan

  View on GitHub
  OneScan 是一款用于递归目录扫描的 BurpSuite 插件
  ☆1,244Jun 24, 2025Updated 10 months ago
• KimJun1010 / inspector

  View on GitHub
  IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）
  ☆584Mar 10, 2025Updated last year
• wafinfo / DecryptTools

  View on GitHub
  DecryptTools-综合解密
  ☆1,322Mar 2, 2025Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• pykiller / API-T00L

  View on GitHub
  互联网厂商API利用工具。
  ☆569Sep 13, 2024Updated last year
• lemono0 / FastJsonParty

  View on GitHub
  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
  ☆1,211Jul 12, 2024Updated last year
• wyzxxz / aksk_tool

  View on GitHub
  AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
  ☆782Feb 13, 2025Updated last year
• Symph0nia / Coda

  View on GitHub
  入侵痕迹清理/Cleaning up traces of intrusion
  ☆251Nov 6, 2024Updated last year
• sma11new / Pyke-Shiro

  View on GitHub
  复杂请求下的Shiro反序列化利用工具
  ☆421Mar 12, 2024Updated 2 years ago
• ImCoriander / ZeroEye

  View on GitHub
  自动化找白文件，用于扫描 EXE 文件的导入表，列出导入的DLL文件，并筛选出非系统DLL，符合条件的文件将被复制到特定的 X64 或 X86 文件夹
  ☆625Mar 24, 2026Updated last month
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆463Jan 12, 2025Updated last year