wwl012345/Vuln-List

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/wwl012345/Vuln-List)

wwl012345 / Vuln-List

(持续更新)对网上出现的各种OA、中间件、CMS等漏洞进行整理，主要包括漏洞介绍、漏洞影响版本以及漏洞POC/EXP等，并且会持续更新。

☆515

Alternatives and similar repositories for Vuln-List

Users that are interested in Vuln-List are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

DawnFlame / POChouse
View on GitHub
POC&EXP仓库、hvv弹药库、Nday、1day
☆1,109Nov 11, 2022Updated 3 years ago
achuna33 / MYExploit
View on GitHub
OAExploit一款基于产品的一键扫描工具。
☆1,485Sep 20, 2022Updated 3 years ago
helloexp / 0day
View on GitHub
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
☆2,357Sep 12, 2023Updated 2 years ago
White-hua / Apt_t00ls
View on GitHub
高危漏洞利用工具
☆1,837Feb 12, 2025Updated last year
tr0uble-mAker / POC-bomber
View on GitHub
利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点
☆2,365Jun 9, 2023Updated 2 years ago
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
Ghr07h / Heimdallr
View on GitHub
一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
☆1,667Jan 19, 2023Updated 3 years ago
LittleBear4 / OA-EXPTOOL
View on GitHub
OA综合利用工具，集合将近20款OA漏洞批量扫描
☆1,340Oct 28, 2023Updated 2 years ago
Threekiii / Vulnerability-Wiki
View on GitHub
一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.
☆2,083May 11, 2026Updated last week
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,034Jan 3, 2025Updated last year
1n7erface / Template
View on GitHub
Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描
☆1,120Sep 16, 2023Updated 2 years ago
ybdt / exp-hub
View on GitHub
Poc and Exp
☆1,242Dec 8, 2025Updated 5 months ago
niudaii / zpscan
View on GitHub
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
☆1,191Dec 17, 2024Updated last year
UzJu / Cloud-Bucket-Leak-Detection-Tools
View on GitHub
六大云存储，泄露利用检测工具
☆1,252Mar 28, 2025Updated last year
CnHack3r / Goby_PoC_RedTeam
View on GitHub
致力于收集Goby PoC，请勿用于非法操作，后果自负。
☆246Sep 21, 2022Updated 3 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
safe6Sec / ShiroExp
View on GitHub
shiro综合利用工具
☆652Apr 15, 2023Updated 3 years ago
SummerSec / SpringExploit
View on GitHub
🚀 一款为了学习go而诞生的漏洞利用工具
☆451Jun 14, 2022Updated 3 years ago
lal0ne / vulnerability
View on GitHub
收集、整理、修改互联网上公开的漏洞POC
☆968Jul 27, 2025Updated 9 months ago
cseroad / Webshell_Generate
View on GitHub
用于生成各类免杀webshell
☆1,306Jan 8, 2026Updated 4 months ago
yuyan-sec / RedisEXP
View on GitHub
Redis 漏洞利用工具
☆943Jan 26, 2025Updated last year
cseroad / Exp-Tools
View on GitHub
一款集成高危漏洞exp的实用性工具
☆1,309Nov 6, 2024Updated last year
savior-only / Spring_All_Reachable
View on GitHub
Spring漏洞综合利用工具
☆674Jul 5, 2023Updated 2 years ago
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,473Apr 25, 2024Updated 2 years ago
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,130Apr 10, 2026Updated last month
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
Threekiii / Awesome-POC
View on GitHub
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
☆4,960May 11, 2026Updated last week
biggerduck / RedTeamNotes
View on GitHub
红队笔记
☆2,148Mar 16, 2026Updated 2 months ago
metaStor / SpringScan
View on GitHub
SpringScan 漏洞检测 Burp插件
☆607Nov 14, 2023Updated 2 years ago
dark-kingA / superSearchPlus
View on GitHub
superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集敏感信息提取 js资源扫描目录扫描 vue组件扫描整合了目前常见的资产测绘平台专为白帽子提供快速侦测目标。
☆1,440Dec 16, 2024Updated last year
SummerSec / ShiroAttack2
View on GitHub
shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
☆2,508Updated this week
kelvinBen / AppInfoScanner
View on GitHub
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN…
☆3,526Dec 18, 2022Updated 3 years ago
shmilylty / netspy
View on GitHub
netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）
☆2,219Jul 25, 2023Updated 2 years ago
h4ckdepy / Un1kPoc
View on GitHub
非常专业的漏洞POC管理、团队授权化漏洞管理、漏洞验证利用、漏洞批量利用框架。
☆243Jan 19, 2023Updated 3 years ago
AlphabugX / Alphalog
View on GitHub
DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。
☆458Aug 20, 2025Updated 9 months ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
Summer177 / seeyon_exp
View on GitHub
致远OA综合利用工具
☆420Jun 3, 2021Updated 4 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,020May 21, 2024Updated last year
veo / wsMemShell
View on GitHub
WebSocket 内存马/Webshell，一种新型内存马/WebShell技术
☆1,493Apr 10, 2023Updated 3 years ago
Tsojan / TsojanScan
View on GitHub
An integrated BurpSuite vulnerability detection plug-in.
☆1,498Jan 29, 2026Updated 3 months ago
lintstar / LSTAR
View on GitHub
LSTAR - CobaltStrike 综合后渗透插件
☆1,264Jan 30, 2022Updated 4 years ago
EdgeSecurityTeam / EHole
View on GitHub
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
☆3,473Apr 2, 2024Updated 2 years ago
aetkrad / goby_poc
View on GitHub
goby poc or exp,分享goby最新网络安全漏洞检测或利用代码
☆631Jan 11, 2022Updated 4 years ago