coffeehb / Struts2_check
一个用于识别目标网站是否采用Struts2框架开发的工具demo
Stars: ✭ 124
Labels
Projects that are alternatives of or similar to Struts2 check
One Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
Stars: ✭ 1,259 (+915.32%)
Mutual labels: pentest-tool
Arl
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+994.35%)
Mutual labels: pentest-tool
Espkey
Wiegand data logger, replay device and micro door-controller
Stars: ✭ 114 (-8.06%)
Mutual labels: pentest-tool
Eyes.sh
Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-28.23%)
Mutual labels: pentest-tool
Erodir
A fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-24.19%)
Mutual labels: pentest-tool
Ldap search
Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-37.1%)
Mutual labels: pentest-tool
Ssrf Testing
SSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+1285.48%)
Mutual labels: pentest-tool
Win Portfwd
Powershell script to setup windows port forwarding using native netsh client
Stars: ✭ 95 (-23.39%)
Mutual labels: pentest-tool
Mitm Scripts
🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-12.1%)
Mutual labels: pentest-tool
Eggshell
iOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+937.1%)
Mutual labels: pentest-tool
Foolavc
foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
Stars: ✭ 93 (-25%)
Mutual labels: pentest-tool
In Spectre Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-30.65%)
Mutual labels: pentest-tool
Venom
Venom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+890.32%)
Mutual labels: pentest-tool
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-16.94%)
Mutual labels: pentest-tool
Msploitego
Pentesting suite for Maltego based on data in a Metasploit database
Stars: ✭ 124 (+0%)
Mutual labels: pentest-tool
Ratel
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-2.42%)
Mutual labels: pentest-tool
Catnip
Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-12.9%)
Mutual labels: pentest-tool
struts2_check
一个用于识别目标网站是否采用Struts2框架开发的工具Demo
这个工具来自 n1nty 大佬提供的方法,出于兴趣尝试实现一下Demo程序。
原理方法来自:
https://threathunter.org/topic/594a9f0fde1d70c20885ccd5
备注:
ThreatHunter: 一个专注于高级威胁发现与安全数据分析的社区
使用:
python struts2_check.py http://www.demo.com/
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].