一款API水平越权漏洞检测工具
☆766Jun 27, 2023Updated 2 years ago
Alternatives and similar repositories for IDOR_detect_tool
Users that are interested in IDOR_detect_tool are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 对Auth/Waf 自动化bypass的burpsuite插件☆1,110Feb 28, 2026Updated 3 weeks ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,468Apr 25, 2024Updated last year
- 六大云存储,泄露利用检测工具☆1,245Mar 28, 2025Updated 11 months ago
- 一个高价值漏洞采集与推送服务 | Collect valueable vulnerabilities and push them to various services☆1,790Nov 26, 2025Updated 3 months ago
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,118Mar 3, 2026Updated 3 weeks ago
- Redis 漏洞利用工具☆939Jan 26, 2025Updated last year
- OA综合利用工具,集合将近20款OA漏洞批量扫描☆1,339Oct 28, 2023Updated 2 years ago
- API Security DAST & Oprations☆319Jul 5, 2023Updated 2 years ago
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,313Jun 29, 2024Updated last year
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,233Jun 24, 2025Updated 9 months ago
- 面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams☆2,028Feb 3, 2026Updated last month
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆3,218May 24, 2024Updated last year
- 高性能 HTTP 正向代理工具 | A high-performance http tunneling tool☆2,683Feb 2, 2026Updated last month
- Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。☆1,341Dec 14, 2025Updated 3 months ago
- 自动化Host碰撞工具,帮助红队快速扩展网络边界,获取更多目标点☆597Oct 7, 2023Updated 2 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- 一个基于网络空间搜索引擎的攻击面管理平台,可定时进行资产信息爬取,及时发现新增资产,本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源,并对获取到的数据进行去重与清洗☆457Apr 19, 2023Updated 2 years ago
- 一��款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.☆2,166Aug 21, 2025Updated 7 months ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- K8S安全攻防思维导图 | Docker安全攻防思维导图☆417Jun 22, 2022Updated 3 years ago
- 高危漏洞利用工具☆1,828Feb 12, 2025Updated last year
- Fastjson姿势技巧集合☆1,833Oct 20, 2023Updated 2 years ago
- HeapDump敏感信息提取工具☆1,638Dec 15, 2025Updated 3 months ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)☆1,777Nov 1, 2023Updated 2 years ago
- 爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应☆755Jul 20, 2023Updated 2 years ago
- OAExploit一款基于产品的一键扫描工具。☆1,481Sep 20, 2022Updated 3 years ago
- 泛微最近的漏洞利用工具(PS:2023)☆481Dec 14, 2023Updated 2 years ago
- 一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接☆861Aug 30, 2023Updated 2 years ago
- 一款完全被动监听的谷歌插件,用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗☆1,656Jan 19, 2023Updated 3 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆779Feb 13, 2025Updated last year
- APIKit:Discovery, Scan and Audit APIs Toolkit All In One.☆2,245Apr 2, 2024Updated last year
- [WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐☆3,151Nov 6, 2025Updated 4 months ago
- SpringScan 漏洞检测 Burp插件☆606Nov 14, 2023Updated 2 years ago
- 梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。☆577Mar 21, 2024Updated 2 years ago
- 项目监控工具 以及 Codeql 自动运行☆313Apr 13, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,203Jul 25, 2023Updated 2 years ago
- DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。☆609Aug 17, 2023Updated 2 years ago