xk4ng/NacosDefaultToken external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xk4ng/NacosDefaultToken

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xk4ng/NacosDefaultToken)

Close

xk4ng / NacosDefaultTokenView on GitHubMore

• External links
• Readme badge

Alibaba Nacos存在默认token.secret.key，导致远程攻击者可以绕过密钥认证接管Nacos

☆19Mar 17, 2023Updated 2 years ago

Alternatives and similar repositories for NacosDefaultToken

Users that are interested in NacosDefaultToken are comparing it to the libraries listed below

• xiaoy-sec / USBShutdown

  View on GitHub
  反取证程序，类似usbkill
  ☆11Apr 22, 2023Updated 2 years ago
• Schira4396 / HrmsTamper

  View on GitHub
  适用于某EHR&HRM的加解密工具，可直接用于sqlmap
  ☆25Jan 14, 2024Updated 2 years ago
• winezer0 / SSDG

  View on GitHub
  SSDG 基于Social规则的账号|密码|口令字典生成工具
  ☆16Jan 10, 2025Updated last year
• mastersir-lab / DecryptOA

  View on GitHub
  OA系统解密小工具
  ☆47Dec 10, 2023Updated 2 years ago
• li8u99 / AWD-WebKiller

  View on GitHub
  适用AWD-WEB的各种场景下的攻击框架。
  ☆22May 26, 2023Updated 2 years ago
• TonyD0g / Groundhog

  View on GitHub
  基于load data逻辑漏洞的Mysql蜜罐
  ☆23Jul 14, 2025Updated 7 months ago
• b4nbird / shellcodeLoaders

  View on GitHub
  ☆28Sep 1, 2023Updated 2 years ago
• SleepingBag945 / IPSearch

  View on GitHub
  离线IP Whois查询工具。可根据IP查询所属IP段信息、根据关键词查询IP段信息
  ☆40Mar 25, 2023Updated 2 years ago
• ttstormxx / lineadd

  View on GitHub
  lineadd 渗透测试字典管理工具, 让字典管理生活轻松一点。Penetration test dictionary management tool, make dictionary management life a little easier.
  ☆27Aug 19, 2023Updated 2 years ago
• Ernket / shepherd

  View on GitHub
  将fofa quake zoomeye hunter等空间测绘聚合的小工具
  ☆23Aug 13, 2023Updated 2 years ago
• bryanroma / HollowSVC

  View on GitHub
  Windows Service with the implementation of the Process hollowing technique to run shellcode
  ☆14Jul 20, 2023Updated 2 years ago
• jas502n / zentao

  View on GitHub
  zentao Getshell
  ☆10Oct 27, 2020Updated 5 years ago
• Ivan1ee / NET-Command

  View on GitHub
  .NET 执行命令的方法合集
  ☆24Apr 9, 2023Updated 2 years ago
• nex121 / webshellEncode

  View on GitHub
  ☆28Aug 12, 2023Updated 2 years ago
• Vang3lis / CLFS_POC

  View on GitHub
  clfs CVE 的一些 POC 收集
  ☆16Oct 27, 2022Updated 3 years ago
• sv3nbeast / ReadSun2Desk

  View on GitHub
  读取dump向日葵&Todesk进程的文件获得连接信息
  ☆17Sep 27, 2024Updated last year
• wenruoya / A-Nacos

  View on GitHub
  Nacos 图形化漏洞检测
  ☆28Aug 7, 2023Updated 2 years ago
• SecNN / HTTPServer

  View on GitHub
  红队内网环境中一个能快速开启HTTP文件浏览服务的小工具 ,可执行Webshell，可用于在内网不出网时文件的下载，启动时会根据网卡IPV4地址输出URL(本地回环除外)。
  ☆112Mar 19, 2023Updated 2 years ago
• hkxueqi / YonyouNc-UNSERIALIZE-scan

  View on GitHub
  Yonyou-UNSERIALIZE,用友NC 反序列化检查工具,批量检测用友NC 反序列化
  ☆50Jul 21, 2023Updated 2 years ago
• Ormicron / ShiroDecrypter

  View on GitHub
  一个解密 Shiro-rememberMe的图形化小工具，支持cbc和gcm。
  ☆26Sep 16, 2021Updated 4 years ago
• X1r0z / go-ntlmssp

  View on GitHub
  NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)
  ☆17Sep 13, 2024Updated last year
• LDrakura / CVE-Monitor

  View on GitHub
  GitHubApi CVE Poc监控工具
  ☆14Jan 23, 2026Updated last month
• Avienma / Mimikatz

  View on GitHub
  用c#实现了个远程拉取Mimikatz.ps1
  ☆61Dec 7, 2023Updated 2 years ago
• winezer0 / whatweb-plus-plugins

  View on GitHub
  whatweb plus plugins
  ☆17Sep 5, 2025Updated 6 months ago
• Wjinlei / hwsaudit

  View on GitHub
  使用Go语言开发的Linux权限审计工具
  ☆13Jun 15, 2022Updated 3 years ago
• superMan-rgb / domainToip

  View on GitHub
  复刻棱眼，对收集到的域名进行反查ip的功能，再将ip整理成c段
  ☆12Nov 7, 2024Updated last year
• Cuerz / beforeSearch

  View on GitHub
  一款实现资产测绘、信息收集、隐私提取、编码转换等功能的chrome插件，部分还没来得及实现。
  ☆14Apr 19, 2023Updated 2 years ago
• 0x3rhy / BOF-DCOMPotato-PrintNotify

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…
  ☆13Feb 4, 2024Updated 2 years ago
• lijiejie / MisConfig_HTTP_Proxy_Scanner

  View on GitHub
  The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers
  ☆175Apr 19, 2023Updated 2 years ago
• whwlsfb / ViewState-Cracker

  View on GitHub
  ASP.net ViewState密钥被动扫描爆破BurpSuite插件
  ☆220Nov 14, 2025Updated 3 months ago
• shanxigetanxiaochou / curl-rce

  View on GitHub
  在无回显的情况下，通过curl外带命令，达到回显的效果
  ☆42Nov 27, 2023Updated 2 years ago
• lcvvvv / protoscanner

  View on GitHub
  protoscanner是一个使用纯Go编写的协议识别仓库，脱胎于NMAP
  ☆28Aug 30, 2023Updated 2 years ago
• rambleZzz / jmxbfGUI

  View on GitHub
  jmx未授权访问 弱口令批量检测 GUI工具
  ☆31Apr 28, 2023Updated 2 years ago
• a1phaboy / nacosleak

  View on GitHub
  一键获取nacos中的配置文件信息和绘制密码本
  ☆121Jun 28, 2024Updated last year
• corunb / Split_tools

  View on GitHub
  分割小工具，可分割木马，一键生成写入、合并、追加命令
  ☆166Jan 5, 2024Updated 2 years ago
• ASkyeye / Artillery

  View on GitHub
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆14Dec 30, 2023Updated 2 years ago
• wafinfo / ezOFFICE_Decrypt

  View on GitHub
  万户数据库解密
  ☆21Dec 3, 2023Updated 2 years ago
• winezer0 / EditHttpMsg

  View on GitHub
  burpsuite 插件 根据配置简单规则编辑通过的HTTP流量包
  ☆14Feb 27, 2023Updated 3 years ago
• bit4woo / passmaker_java

  View on GitHub
  密码生成工具、password maker、password generator
  ☆15Apr 20, 2024Updated last year