danran12

danran12's Stars

• f0ng/autoDecoder-usages

  autoDecoder的用法及案例，包含加解密方法、绕waf、替换参数等操作。

  Language:Python22527

• ttstormxx/jjjjjjjjjjjjjs

  爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应

  Language:Python64051

• sule01u/AutorizePro

  🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

  Language:Python58739

• charonlight/xxl-jobExploitGUI

  xxl-job最新漏洞利用工具

  27921

• Dm2333/ATTCK-PenTester-Book

  ATTCK-PenTester-Book

  1.1k323

• c0ny1/passive-scan-client

  Burp被动扫描流量转发插件

  Language:Java1.4k170

• c0r1/BypassPro

  AutoBypass403-BurpSuite 插件二开重构，优化执行逻辑

  Language:Java2609

• ki9mu/ARL-plus-docker

  基于ARL-V2.6.2修改后的版本

  Language:Shell782124

• c0ny1/FastjsonExploit

  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

  Language:Java1.3k173

• running-elephant/datart

  Datart is a next generation Data Visualization Open Platform

  Language:TypeScript2k602

• assetnote/nowafpls

  Burp Plugin to Bypass WAFs through the insertion of Junk Data

  Language:Python981103

• saoshao/DetSql

  Burp插件，快速探测可能存在SQL注入的请求并标记，提高测试效率

  Language:Java30915

• w-digital-scanner/w13scan

  Passive Security Scanner (被动式安全扫描器)

  Language:Smarty1.9k360

• wh1t3zer/SpringBootVul-GUI

  一个半自动化springboot打点工具，内置目前springboot所有漏洞

  Language:Java58141

• xk11z/unauthorized

  常见的未授权漏洞检测

  Language:Python24439

• flydyyg/readTdose-xiangrikui

  Language:Go8323

• PortSwigger/turbo-intruder

  Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

  Language:Kotlin1.5k221

• F6JO/JsRouteScan

  Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件

  Language:Java26113

• HackAllSec/hfinger

  一个用于web框架、CDN和CMS指纹识别的高性能命令行工具。A high-performance command-line tool for web framework, CDN and CMS fingerprinting.

  Language:Go1798

• elkokc/reflector

  Burp plugin able to find reflected XSS on page in real-time while browsing on site

  Language:Java1.1k162

• 4ra1n/4ra1n

  12

• BuffaloWill/oxml_xxe

  A tool for embedding XXE/XML exploits into different filetypes

  Language:Ruby1.1k230

• jwilk/traversal-archives

  archive file samples for testing against directory traversal

  Language:Makefile13514

• charonlight/ZentaoExploitGUI

  禅道最新身份认证绕过漏洞利用工具

  1517

• lemonlove7/dirsearch_bypass403

  目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别

  Language:Python73760

• maurosoria/dirsearch

  Web path scanner

  Language:Python12.4k2.3k

• Janhsu/oday

  javafx编写的poc管理工具和漏洞扫描的小工具

  Language:Java32227

• chaitin/xpoc

  为供应链漏洞扫描设计的快速应急响应工具 [快速应急] [漏洞扫描] [端口扫描] [xray2.0进行时] A fast emergency response tool designed for supply chain vulnerability scanning.

  1k41

• chaitin/xapp

  2618

• wyzxxz/aksk_tool

  AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS管理，RDS/DB管理，域名管理，添加RAM/CAM/IAM账号等

  71463