ztosec/secscan-authcheck

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ztosec/secscan-authcheck)

ztosec / secscan-authcheck

越权检测工具

☆744

Alternatives and similar repositories for secscan-authcheck

Users that are interested in secscan-authcheck are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

opensec-cn / vtest
View on GitHub
用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
☆866Jul 21, 2019Updated 6 years ago
c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,459Jun 17, 2024Updated last year
LangziFun / LangSrcCurise
View on GitHub
SRC子域名资产监控
☆1,298Jan 14, 2021Updated 5 years ago
timwhitez / crawlergo_x_XRAY
View on GitHub
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
☆1,183Nov 10, 2021Updated 4 years ago
w-digital-scanner / w13scan
View on GitHub
Passive Security Scanner (被动式安全扫描器)
☆1,950Feb 8, 2023Updated 3 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,029Feb 23, 2022Updated 4 years ago
dr0op / WeblogicScan
View on GitHub
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
☆967Jun 16, 2024Updated last year
r35tart / Penetration_Testing_Case
View on GitHub
用于记录分享一些有趣的案例
☆865Jan 10, 2022Updated 4 years ago
boy-hack / wooyun-payload
View on GitHub
从wooyun中提取的payload，以及burp插件
☆841Jun 17, 2022Updated 3 years ago
grayddq / GScan
View on GitHub
本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。
☆2,808Aug 7, 2022Updated 3 years ago
1120362990 / vulnerability-list
View on GitHub
在渗透测试中快速检测常见中间件、组件的高危漏洞。
☆728Mar 21, 2022Updated 4 years ago
LoRexxar / Kunlun-M
View on GitHub
KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。
☆2,382Jan 16, 2026Updated 2 months ago
jweny / pocassist
View on GitHub
傻瓜式漏洞PoC测试框架
☆1,443Oct 30, 2023Updated 2 years ago
CTF-MissFeng / bayonet
View on GitHub
bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
☆1,510Nov 22, 2022Updated 3 years ago
theLSA / CS-checklist
View on GitHub
PC客户端（C-S架构）渗透测试checklist / Client side(C-S) penetration checklist
☆663Feb 24, 2021Updated 5 years ago
Qianlitp / crawlergo
View on GitHub
A powerful browser crawler for web vulnerability scanners
☆3,021Mar 11, 2025Updated last year
ztosec / hunter
View on GitHub
Hunter作为中通DevSecOps闭环方案中的一环，扮演着很重要的角色，开源之后希望能帮助到更多企业。
☆346Dec 14, 2022Updated 3 years ago
c0ny1 / xxe-lab
View on GitHub
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
☆816Nov 28, 2022Updated 3 years ago
rtcatc / Packer-Fuzzer
View on GitHub
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…
☆3,218May 24, 2024Updated last year
Mel0day / RedTeam-BCS
View on GitHub
BCS（北京网络安全大会）2019 红队行动会议重点内容
☆819Sep 4, 2019Updated 6 years ago
Ridter / redis-rce
View on GitHub
Redis 4.x/5.x RCE
☆975Nov 30, 2021Updated 4 years ago
iSafeBlue / TrackRay
View on GitHub
溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
☆2,081Dec 16, 2023Updated 2 years ago
guimaizi / get_domain
View on GitHub
☆404Feb 28, 2020Updated 6 years ago
yzddmr6 / webshell-venom
View on GitHub
免杀webshell无限生成工具
☆1,287Apr 3, 2020Updated 5 years ago
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,389Dec 16, 2022Updated 3 years ago
Echocipher / AUTO-EARN
View on GitHub
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
☆740Dec 8, 2022Updated 3 years ago
threedr3am / learnjavabug
View on GitHub
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
☆2,693Mar 14, 2024Updated 2 years ago
WyAtu / Perun
View on GitHub
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
☆1,055Apr 25, 2019Updated 6 years ago
biggerwing / nsfocus-rsas-knowledge-base
View on GitHub
绿盟科技漏洞扫描器(RSAS)漏洞库
☆367May 30, 2019Updated 6 years ago
TideSec / FuzzScanner
View on GitHub
一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
☆1,010Jun 22, 2020Updated 5 years ago
Lucifer1993 / TPscan
View on GitHub
一键ThinkPHP漏洞检测
☆1,164Nov 1, 2023Updated 2 years ago
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,118Mar 3, 2026Updated 3 weeks ago
fofapro / Hosts_scan
View on GitHub
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
☆1,192Apr 30, 2019Updated 6 years ago
7dog7 / bottleneckOsmosis
View on GitHub
瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
☆717Jul 20, 2022Updated 3 years ago
bit4woo / teemo
View on GitHub
A Domain Name & Email Address Collection Tool
☆1,008May 25, 2021Updated 4 years ago
zhzyker / exphub
View on GitHub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…
☆4,273Apr 4, 2021Updated 4 years ago
SPuerBRead / HTMLSimilarity
View on GitHub
网页相似度判断：根据网页结构判断页面相似性，可用于相似度计算、越权检测等(Determine page similarity based on HTML page structure)
☆282Jul 27, 2019Updated 6 years ago
al0ne / Vxscan
View on GitHub
python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。
☆1,758Jan 2, 2020Updated 6 years ago
creditease-sec / insight
View on GitHub
洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
☆1,181Jan 12, 2021Updated 5 years ago