越权检测工具
☆746Jun 17, 2022Updated 3 years ago
Alternatives and similar repositories for secscan-authcheck
Users that are interested in secscan-authcheck are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆865Jul 21, 2019Updated 6 years ago
- Burp被动扫描流量转发插件☆1,462Jun 17, 2024Updated last year
- SRC子域名资产监控☆1,298Jan 14, 2021Updated 5 years ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,184Nov 10, 2021Updated 4 years ago
- Passive Security Scanner (被动式安全扫描器)☆1,946Feb 8, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Burp suite 分块传输辅助插件☆2,033Feb 23, 2022Updated 4 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆962Jun 16, 2024Updated last year
- 用于记录分享一些有趣的案例☆867Jan 10, 2022Updated 4 years ago
- 从wooyun中提取的payload,以及burp插件☆839Jun 17, 2022Updated 3 years ago
- 本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。☆2,815Aug 7, 2022Updated 3 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆725Mar 21, 2022Updated 4 years ago
- KunLun-M — Open-source static code analysis for PHP, JavaScript, Java, with AST-based semantic scanning and one-click AI Agent integratio…☆2,383Updated this week
- 傻瓜式漏洞PoC测试框架☆1,443Oct 30, 2023Updated 2 years ago
- bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统☆1,513Nov 22, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A powerful browser crawler for web vulnerability scanners☆3,033Mar 11, 2025Updated last year
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆669Feb 24, 2021Updated 5 years ago
- Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。☆345Dec 14, 2022Updated 3 years ago
- 一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo☆816Nov 28, 2022Updated 3 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆821Sep 4, 2019Updated 6 years ago
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆3,234May 24, 2024Updated 2 years ago
- Redis 4.x/5.x RCE☆978Nov 30, 2021Updated 4 years ago
- 溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)☆2,077Dec 16, 2023Updated 2 years ago
- ☆404Feb 28, 2020Updated 6 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- 免杀webshell无限生成工具☆1,285Apr 3, 2020Updated 6 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,397Dec 16, 2022Updated 3 years ago
- 一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具☆739Dec 8, 2022Updated 3 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,695Mar 14, 2024Updated 2 years ago
- Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架☆1,053Apr 25, 2019Updated 7 years ago
- 绿盟科技漏洞扫描器(RSAS)漏洞库☆365May 30, 2019Updated 6 years ago
- 一个主要用于信息搜集的工具集,主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。☆1,005Jun 22, 2020Updated 5 years ago
- 一键ThinkPHP漏洞检测☆1,162Nov 1, 2023Updated 2 years ago
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,131Apr 10, 2026Updated last month
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- 这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。☆1,193Apr 30, 2019Updated 7 years ago
- A Domain Name & Email Address Collection Tool☆1,012May 25, 2021Updated 5 years ago
- 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf��☆719Jul 20, 2022Updated 3 years ago
- Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…☆4,280Apr 4, 2021Updated 5 years ago
- 网页相似度判断:根据网页结构判断页面相似性 ,可用于相似度计算、越权检测等(Determine page similarity based on HTML page structure)☆281Jul 27, 2019Updated 6 years ago
- python3写的综合扫描工具,主要用来存活验证,敏感文��件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。☆1,755Jan 2, 2020Updated 6 years ago
- 自动扫描内网常见sql、no-sql数据库脚本(mysql、mssql、oracle、postgresql、redis、mongodb、memcached、elasticsearch),包含未授权访问及常规弱口令检测☆567Dec 1, 2017Updated 8 years ago