whwlsfb/SpringSpider

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/whwlsfb/SpringSpider)

whwlsfb / SpringSpider

Spring Actuator端点的BurpSuite被动扫描插件。

☆202

Alternatives and similar repositories for SpringSpider

Users that are interested in SpringSpider are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

EASY233 / BpScan
View on GitHub
一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件
☆242Nov 25, 2022Updated 3 years ago
SummerSec / SpringExploit
View on GitHub
🚀 一款为了学习go而诞生的漏洞利用工具
☆451Jun 14, 2022Updated 3 years ago
MaskCyberSecurityTeam / BurpHttpHelper
View on GitHub
BurpHttpHelper是一款Burpsuite插件，主要用于简化和解决Burpsuite对Http的一些操作.
☆114Jan 22, 2023Updated 3 years ago
pmiaowu / log4j2Scan
View on GitHub
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
☆212Apr 18, 2023Updated 3 years ago
YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
View on GitHub
Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
☆231Aug 8, 2023Updated 2 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
F6JO / RouteVulScan
View on GitHub
Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
☆1,323Jun 29, 2024Updated last year
seventeenman / Forest
View on GitHub
基于frp(0.44.0)二次开发，删除不必要功能，加密配置文件，修改流量以及文件特征
☆312Aug 9, 2022Updated 3 years ago
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,472Apr 25, 2024Updated 2 years ago
z2p / sweetPotato
View on GitHub
基于burpsuite的资产分析工具
☆474Apr 29, 2023Updated 3 years ago
0x727 / BypassPro
View on GitHub
对Auth/Waf 自动化bypass的burpsuite插件
☆1,255May 10, 2026Updated 3 weeks ago
metaStor / SpringScan
View on GitHub
SpringScan 漏洞检测 Burp插件
☆607Nov 14, 2023Updated 2 years ago
whwlsfb / JDumpSpider
View on GitHub
HeapDump敏感信息提取工具
☆1,659Dec 15, 2025Updated 5 months ago
pap1rman / postnacos
View on GitHub
哥斯拉nacos后渗透插件 maketoken adduser
☆150Jul 7, 2023Updated 2 years ago
amaz1ngday / fastjson-exp
View on GitHub
fastjson利用，支持tomcat、spring回显，哥斯拉内存马；回显利用链为dhcp、ibatis、c3p0。
☆327Mar 15, 2022Updated 4 years ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
lele8 / SharpUserIP
View on GitHub
获取服务器或域控登录日志
☆280Sep 8, 2023Updated 2 years ago
Ridter / PySQLTools
View on GitHub
Mssql利用工具
☆277Aug 7, 2023Updated 2 years ago
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆775Jan 26, 2022Updated 4 years ago
a1phaboy / FastjsonScan
View on GitHub
Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
☆1,055Oct 7, 2022Updated 3 years ago
Bl0omZ / JNDIEXP
View on GitHub
JNDI在java高版本的利用工具,FUZZ利用链
☆601Oct 8, 2022Updated 3 years ago
wyzxxz / aksk_tool
View on GitHub
AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
☆784Feb 13, 2025Updated last year
c0olw / NacosRce
View on GitHub
Nacos JRaft Hessian 反序列化 RCE 加载字节码注入内存马不出网利用
☆851Jul 7, 2023Updated 2 years ago
Rvn0xsy / PassDecode-jar
View on GitHub
帆软/致远密码解密工具
☆363Jul 29, 2021Updated 4 years ago
whwlsfb / cve-2022-22947-godzilla-memshell
View on GitHub
CVE-2022-22947 注入Godzilla内存马
☆211Apr 26, 2022Updated 4 years ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
sma11new / Pyke-Shiro
View on GitHub
复杂请求下的Shiro反序列化利用工具
☆420Mar 12, 2024Updated 2 years ago
pen4uin / java-echo-generator
View on GitHub
一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
☆464Jan 12, 2025Updated last year
wyzxxz / heapdump_tool
View on GitHub
heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等
☆1,447May 21, 2024Updated 2 years ago
Ppsoft1991 / CodeReviewTools
View on GitHub
通过正则搜索、批量反编译特定Jar包中的class名称
☆322Dec 9, 2021Updated 4 years ago
KrystianLi / ExchangeOWA
View on GitHub
一款OutLook信息收集工具
☆245May 23, 2023Updated 3 years ago
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,246Oct 1, 2022Updated 3 years ago
f0ng / JavaFileDict
View on GitHub
Java应用的一些配置文件字典，来源于公开的字典与平时收集
☆320Feb 1, 2024Updated 2 years ago
achuna33 / MYExploit
View on GitHub
OAExploit一款基于产品的一键扫描工具。
☆1,484Sep 20, 2022Updated 3 years ago
Hutt0n0 / ActiveMqRCE
View on GitHub
用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用内存马注入
☆290Nov 20, 2023Updated 2 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
novysodope / RMI_Inj_MemShell
View on GitHub
rmi打内存马工具，适用于目标用不了ldap的情况
☆254Jul 12, 2023Updated 2 years ago
smxiazi / xia_sql
View on GitHub
xia SQL (瞎注) burp 插件，在每个参数后面填加一个单引号，两个单引号，一个简单的判断注入小插件。
☆1,267May 18, 2023Updated 3 years ago
xfiftyone / seeyon-exploit
View on GitHub
致远OA漏洞检测
☆190Aug 2, 2023Updated 2 years ago
Ni4n / ShellGenerate
View on GitHub
哥斯拉jsp/jspx免杀webshell生成器
☆208Apr 28, 2023Updated 3 years ago
novysodope / fupo_for_yonyou
View on GitHub
用友漏洞检测，持续更新漏洞检测模块
☆479Jul 21, 2025Updated 10 months ago
f0ng / log4j2burpscanner
View on GitHub
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
☆843Jun 13, 2023Updated 2 years ago
corener / JavaPassDump
View on GitHub
JavaPassDump
☆275Jan 7, 2022Updated 4 years ago