一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景
注意:如想测试其他数据库软件PostgreSQL、Oracle,请使用相应的pg_sleep()、dbms_lock.sleep(),未测试,简单替换payload可能不好使,由此造成的漏测本人概不负责
测试demo可参考我的上一个仓库(https://github.com/ce-automne/OrderbyInjectionDemo)
Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.
DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce. It is the ultimate log4j vulnerabilities assessor. It comes with four individual Python3 m
GraphKer Open Source Tool - Cybersecurity Graph Database in Neo4j |G|r|a|p|h|K|e|r| { open source tool for a cybersecurity graph database in neo4j } W
A hashtag check python module
PasswordManager is a command-line program that helps you manage your secret files like passwords. It's very minimalistic and easy to use.
Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT
Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.
This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a
Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell
DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst
Apache-Log4j Apache Log4j 远程代码执行 攻击者可直接构造恶意请求,触发远程代码执行漏洞。漏洞利用无需特殊配置,经阿里云安全团队验证,Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响 Steps 【Import
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.
Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex
Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response
tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example
OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source
Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release
Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.
Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u
S2-061 脚本皆根据vulhub的struts2-059/061漏洞测试环境来写的,不具普遍性,还望大佬多多指教 struts2-061-poc.py(可执行简单系统命令) 用法:python struts2-061-poc.py http://ip:port command 例子:python
1 Nov 10, 2021
1 Jan 11, 2022
27 Dec 06, 2022
3 Aug 10, 2022
3 Dec 30, 2021
22 Dec 04, 2022
177 Dec 22, 2022
1 Dec 26, 2021
63 Nov 15, 2022
14 Nov 11, 2022
57 Oct 03, 2022
9 Sep 27, 2022
4 Jan 09, 2022
8 Jun 23, 2022
11 Nov 17, 2022
893 Jan 04, 2023
137 Jan 02, 2023
19 Dec 22, 2022
7.4k Jan 04, 2023
46 Oct 20, 2022