10.6. Exploitation / Detection
10.6.2. Unstructured Database Injection
10.6.3. Database Exploitation
- mysql unsha1
- ODAT Oracle Database Attacking Tool
10.6.4. XSS
10.6.5. SSRF
10.6.7. HTTP Request Smuggling
- smuggler An HTTP Request Smuggling / Desync testing tool written in Python
- h2cSmuggler HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
10.6.11. struts
10.6.12. CMS
- Joomla Vulnerability Scanner
- Drupal enumeration & exploitation tool
- Wordpress Vulnerability Scanner
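- TPscan One-click ThinkPHP vulnerability detection
- dedecmscan Vulnerability scanner for all DedeCMS versions
10.6.13. Java Frameworks
- ShiroScan Shiro<=1.2.4 deserialization detection tool
- fastjson rce tool fastjson command-execution exploitation tool
10.6.14. DNS-Related Vulnerabilities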
- dnsAutoRebinding
- AngelSword
- Subdomain TakeOver
- dnsReaper dnsReaper - subdomain takeover tool
- mpDNS
- JudasDNS Nameserver DNS poisoning
- singularity A DNS rebinding attack framework by NGC Group
10.6.15. DNS Data Extraction
10.6.16. DNS Tunneling
10.6.18. XXE
- XXEinjector
- XXER
- DTD Finder List DTDs and generate XXE payloads using those local DTDs
10.6.19. Deserialization
10.6.19.1. Java Deserialization
- ysoserial
- JRE8u20 RCE Gadget
- Java Serialization Dumper A tool to dump Java serialization streams in a more human readable form
- marshalsec Java Unmarshaller Security - Turning your data into code execution
- gadgetinspector A byte code analyzer for finding deserialization gadget chains in Java applications
- fastjsonScan Burp plugin for fastjson vulnerabilities
10.6.20. JNDI
- Rogue JNDI A malicious LDAP server for JNDI injection attacks
- JNDI Injection Exploit
- JNDIExploit
10.6.21. Port Hack
10.6.23. Wireless
10.6.24. Man-in-the-Middle Attacks
- mitmproxy
- MITMf
- ssh mitm
- injectify
- Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
- toxy Hackable HTTP proxy for resiliency testing and simulated network conditions
- bettercap The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks
10.6.27. Regular Expressions
- Regexploit Find regular expressions which are vulnerable to ReDoS
10.6.28. Shellcode
- go shellcode A repository of Windows Shellcode runners and supporting utilities
10.6.29. Authorization Bypass
10.6.31. Exploit Collections
- Penetration Testing POC
- thc ipv6 IPv6 attack toolkit