xiaogang000/XG_SQL

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xiaogang000/XG_SQL)

xiaogang000 / XG_SQL

二开xiasql

☆57

Alternatives and similar repositories for XG_SQL

Users that are interested in XG_SQL are comparing it to the libraries listed below

Sorting:

bmth666 / GeoServer-Tools-CVE-2024-36401
View on GitHub
CVE-2024-36401 图形化利用工具，支持各个JDK版本利用以及回显、内存马实现
☆39Jul 16, 2025Updated 8 months ago
mumumumuo / RaceCondition
View on GitHub
Burp条件竞争测试插件
☆26Aug 21, 2025Updated 6 months ago
zhaoyumi / MYExploit
View on GitHub
二开了MYExploit项目，其实也没改多少，就是新增了一些POC。
☆15Jan 10, 2024Updated 2 years ago
qncosfh / xxl_job_executor_exploit
View on GitHub
xxl_job_executor_默认Access_Token_不出网综合利用
☆40Oct 20, 2025Updated 5 months ago
private-xss / sensitive-info-tool
View on GitHub
☆47Sep 30, 2025Updated 5 months ago
zskxc666 / Security_Analysis_Engine_Project
View on GitHub
鉴穹日志安全分析系统
☆18Sep 7, 2025Updated 6 months ago
AnQuanPig / XiaSQL_Plus
View on GitHub
迄今为止公开的二开瞎注插件中最强版本：Xia SQL Plus，基于 “瞎注” xia_sql二次开发。
☆90Feb 26, 2026Updated 3 weeks ago
Satan0x00 / IcpSearch
View on GitHub
批量查询域名备案；app；小程序
☆19May 28, 2025Updated 9 months ago
nex121 / RuoyiGui
View on GitHub
☆26Dec 13, 2024Updated last year
yingfff123 / MUKI
View on GitHub
Muki is an active asset fingerprinting tool built for red teams — powered by 30,000+ precision signatures, proxy rotation, and intelligen…
☆108Jan 13, 2026Updated 2 months ago
youmulijiang / BpArsenal
View on GitHub
BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…
☆22Oct 31, 2025Updated 4 months ago
ttstormxx / lineadd
View on GitHub
lineadd 渗透测试字典管理工具, 让字典管理生活轻松一点。Penetration test dictionary management tool, make dictionary management life a little easier.
☆27Aug 19, 2023Updated 2 years ago
AduraK2 / Shiro_Weblogic_Tool
View on GitHub
针对部署在Weblogic上的Shiro
☆44May 6, 2023Updated 2 years ago
wrongwe / index-of-scanner
View on GitHub
基于协程并发的Web敏感文件扫描器，精准探测备份文件、配置泄露及版本控制目录暴露风险，为渗透测试与安全防护提供专业级资产测绘方案。
☆12Mar 6, 2025Updated last year
24-2021 / Finger24
View on GitHub
基于已收集指纹库进行识别网站指纹的浏览器插件
☆116Jul 30, 2025Updated 7 months ago
Boogipop / Netty-WebFlux-Memshell
View on GitHub
Netty/WebFlux 内存马
☆26Nov 19, 2023Updated 2 years ago
Ciyfly / mullet
View on GitHub
总要写一款自己的扫描器
☆33Apr 27, 2022Updated 3 years ago
0xf4n9x / CDGXStreamDeserRCE
View on GitHub
亿赛通电子文档安全管理系统XStream反序列化漏洞任意文件上传利用
☆120Aug 9, 2024Updated last year
Mr-r00t11 / CVE-2024-37081
View on GitHub
A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, a…
☆57Jul 9, 2024Updated last year
GrassWorkshop / wxapkg_infosearch
View on GitHub
一款微信小程序源码包信息收集工具，根据已有项目改编
☆24Feb 11, 2025Updated last year
cwkiller / xxe-smb-server
View on GitHub
在xxe中使用smb外带多行内容
☆104Nov 9, 2025Updated 4 months ago
Chave0v0 / API-Highlighter
View on GitHub
API Highlighter 是一个用于 BurpSuite 的插件，主要用于 web 应用迭代安全测试时高亮指定的新增接口，该插件最初用 Python 编写，现重构为 Java 版本。
☆42Feb 19, 2025Updated last year
achenc1013 / XSS_Scanner
View on GitHub
这是一个全面的Web应用安全扫描工具，专注于检测XSS（跨站脚本）漏洞，同时也能够发现其他类型的Web安全漏洞。该工具支持多种扫描模式、不同级别的有效载荷和详细的漏洞报告。
☆17Mar 9, 2025Updated last year
unam4 / fineldapc
View on GitHub
某软最新公开gadgegt,新加入不出网利用。
☆89Sep 6, 2024Updated last year
novysodope / AMF_JRMP
View on GitHub
改造一个基于jrmp的AMF反序列化利用工具
☆16Jul 7, 2022Updated 3 years ago
h00klod0er / JSFindAPI
View on GitHub
JSFindAPI是一款自动从html页面中获取js链接，并自动访问js提取js中的api路径，然后自动进行api未授权测试的插件，同时也可被动监听，当访问js时自动提取api进行访问，提取api接口主要根据AJAX，XMLHttpRequest，axios，Vue.js等…
☆30Oct 20, 2025Updated 5 months ago
Chave0v0 / YONYOU-TOOL
View on GitHub
用友漏洞综合利用工具
☆263Nov 9, 2024Updated last year
l3yx / jdwp-codeifier
View on GitHub
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
☆321Dec 22, 2024Updated last year
0x3rhy / BOF-DCOMPotato-PrintNotify
View on GitHub
Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
☆13Feb 4, 2024Updated 2 years ago
Esonhugh / yapi-rce-webshell
View on GitHub
Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法相比于其他的利用方式更加微操和可控影响更小
☆66Jul 4, 2024Updated last year
Niiiiko / Finev10Memshell
View on GitHub
针对finereportv10反序列化接口/webroot/decision/remote/design/channel进行无回显检测并提供Godzilla memshell注入功能（部分环境缺少依赖无法成功）
☆24Oct 17, 2023Updated 2 years ago
CafeD1 / Kill_Memshell
View on GitHub
基于 Agent + Instrumentation + ASM 的 Java 进程内存马检测与清除查杀工具（含 GUI）+CLI命令行操作功能
☆40Oct 27, 2025Updated 4 months ago
1ucky7 / HessianPoc_Generator-0.1.1
View on GitHub
woodpecker插件生成hessian利用payload
☆20Sep 19, 2023Updated 2 years ago
zidanfanshao / vcenter_tools
View on GitHub
vcenter图形化漏洞利用工具
☆70Nov 17, 2024Updated last year
yzddmr6 / NetDeserializer
View on GitHub
.Net 反序列化漏洞学习
☆15Aug 29, 2020Updated 5 years ago
goddemondemongod / god_param
View on GitHub
god_param
☆43Nov 27, 2023Updated 2 years ago
lintx0 / WannaCry_HTA
View on GitHub
WannaCry_HTA 是一个基于 HTA（HTML Application）技术开发的高度仿真 WannaCry 勒索病毒界面模拟程序。该项目简单、完全可控，专为安全研究、应急演练和安全教育场景设计。界面UI参考zR00t1师傅项目编写。
☆25Aug 13, 2025Updated 7 months ago
tarihub / blackjump
View on GitHub
JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021
☆273Jun 6, 2025Updated 9 months ago
CRlife / Rscan
View on GitHub
自动化扫描利器，指纹识别更精准，漏洞扫描更全面
☆374Oct 29, 2025Updated 4 months ago