108 Open source projects that are alternatives of or similar to Tp5 Getshell

NodeJS Red-Team Cheat Sheet

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

JSON Web Token Authentication for Thinkphp

✨ ExpressPHP V1是一个极简的 web 开发MVC框架，和ThinkPHP5一样现代化，比CodeIgniter还要轻量级，真正突破框架限制，让你感受到自由，同时兼顾高性能、低学习成本。

Some exploits, which I’ve created during my OSCE preparation.

Python bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

exploit code for F5-Big-IP (CVE-2020-5902)

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Some personal exploits/pocs

ThinkPHP 6 权限认证

ThinkPHP5——phpunit测试用例

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

🍻thinkphp5 learning:a messageboard project

An All-In-One Pure Python PoC for CVE-2021-44228

使用thinkPHP5.0开发的后台简洁管理系统脚手架，cpms-php是采用TP5.0开发的一个简单的后台脚手架管理系统（包括前台展示和后台管理部分）。主要模块有：用户登入验证、后台管理员增删改查、文章发布、RBAC权限管理、socketIO在线即时聊天

Distributed, workflow-driven integration environment

CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer

基于 Thinkphp5 开发的日志查看扩展包。

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

基于thinkphp5.1、vue、iview的一个后台管理系统

A RESTful API package

log4j rce test environment and poc

Penelope Shell Handler

thinkphp 5 redis读写分离驱动

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

DoS PoC's for SAP products

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

一个tp5的RBAC库，使用composer来安装和更新你的项目对于RBAC的需求。同时支持jwt方式的验证。包含了RBAC需要的数据表的数据迁移，能够很方便的开始开发。

lake-admin是一款基于ThinkPHP6和Layui的后台开发框架。

CVE-2020-36179~82 Jackson-databind SSRF&RCE

leacmf是一款基于ThinkPHP5.1+layui的极速后台和api开发框架。

thinkphp5+workerman+gatewayworker搭建的webim客服系统/即时通讯

Vue-cli3.0 + Element UI + ThinkPHP5.1 + RBAC权限 + 响应式的后台管理系统 https://lmxdawn.github.io/vue-admin

基于 ThinkPHP 基础开发平台（登录账号密码都是 admin ）

🐘 A simple and practical CMS implememted by ThinkPHP 5.1

Redis 4.x/5.x RCE

Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

DDoor - cross platform backdoor using dns txt records

Weblogic coherence.jar RCE

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

🛠 Tools and scripts to manipulate Android APKs