A list of useful payloads for Web Application Security and Pentest/CTF
☆312Aug 14, 2024Updated last year
Alternatives and similar repositories for Berserker
Users that are interested in Berserker are comparing it to the libraries listed below
Sorting:
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- Code-Audit-Challenges☆991Nov 17, 2018Updated 7 years ago
- 免杀webshell无限生成工具☆1,288Apr 3, 2020Updated 5 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- 用于记录分享一些有趣的案例☆865Jan 10, 2022Updated 4 years ago
- a simple tool to detect potential security threat in php code☆316Sep 9, 2024Updated last year
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- python安全和代码审计相关资料收集 resource collection of python security and code review☆1,352Aug 6, 2020Updated 5 years ago
- Burp suite 分块传输辅助插件☆2,026Feb 23, 2022Updated 4 years ago
- 为应对CTF比赛而搭建的各种环境☆154May 9, 2020Updated 5 years ago
- Redis 4.x/5.x RCE☆975Nov 30, 2021Updated 4 years ago
- Code-Breaking Puzzles☆292Apr 6, 2025Updated 11 months ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆311Jun 17, 2022Updated 3 years ago
- 从wooyun中提取的payload,以及burp插件☆842Jun 17, 2022Updated 3 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year
- 🧬 辅助生成 XRay YAML POC☆271Jan 4, 2023Updated 3 years ago
- 个人域渗透学习笔记☆1,802Feb 7, 2020Updated 6 years ago
- mysql注入,bypass的一些心得☆1,327Jun 25, 2024Updated last year
- CyberSecurityRSS: A collection of cybersecurity rss to make you better!☆1,870Mar 9, 2026Updated last week
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,183Nov 10, 2021Updated 4 years ago
- A collection of pentest and development tips☆1,126May 26, 2022Updated 3 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆89Oct 22, 2019Updated 6 years ago
- flash 劫持轮子,CSRF,劫持,跳转,swf 有需求可以提issues ,src挖掘,劫持response☆86Nov 9, 2019Updated 6 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf☆717Jul 20, 2022Updated 3 years ago
- 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具☆741Jun 2, 2023Updated 2 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,693Mar 14, 2024Updated 2 years ago
- anti AV☆291Mar 12, 2020Updated 6 years ago
- bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)☆1,169Aug 7, 2021Updated 4 years ago
- Tomcat-Ajp协议文件读取漏洞☆796Mar 3, 2020Updated 6 years ago
- PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions☆107Sep 8, 2021Updated 4 years ago
- Burp被动扫描流量转发插件☆1,460Jun 17, 2024Updated last year
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago