10.6. Exploitation / Detection
10.6.1. Database Injection
10.6.2. Unstructured Database Injection
10.6.3. Database Exploitation
- ODAT Oracle Database Attacking Tool 
10.6.4. XSS
10.6.5. SSRF
10.6.6. Template Injection
10.6.7. HTTP Request Smuggling
- smuggler An HTTP Request Smuggling / Desync testing tool written in Python 
- h2cSmuggler HTTP Request Smuggling over HTTP/2 Cleartext (h2c) 
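10.6.8. Command Injection
10.6.9. PHP
- Chankro Tool to evade disable_functions and open_basedir
10.6.10. LFI
10.6.11. struts
10.6.12. CMS
- TPscan One-click ThinkPHP vulnerability detection
- dedecmscan Vulnerability scanner for all versions of DedeCMS
10.6.13. Java Frameworks
- ShiroScan Shiro <= 1.2.4 deserialization detection tool
- fastjson rce tool fastjson command execution exploitation tool
10.6.14. DNS-Related Vulnerabilities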
- dnsReaper dnsReaper - subdomain takeover tool 
- singularity A DNS rebinding attack framework by NCC Group
10.6.15. DNS Data Extraction
10.6.16. DNS Tunneling
10.6.17. DNS Shell
10.6.18. XXE
- DTD Finder List DTDs and generate XXE payloads using those local DTDs 
10.6.19. Deserialization
10.6.19.1. Java Deserialization
- Java Serialization Dumper A tool to dump Java serialization streams in a more human readable form 
- marshalsec Java Unmarshaller Security - Turning your data into code execution 
- gadgetinspector A byte code analyzer for finding deserialization gadget chains in Java applications 
- fastjsonScan Burp plugin for fastjson vulnerabilities
10.6.19.2. .NET Deserialization
- viewgen ASP.NET ViewState Generator 
10.6.20. JNDI
- Rogue JNDI A malicious LDAP server for JNDI injection attacks 
10.6.21. Port Hacking
10.6.22. JWT
10.6.23. Wireless
10.6.24. Man-in-the-Middle Attacks
- Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. 
- toxy Hackable HTTP proxy for resiliency testing and simulated network conditions 
- bettercap The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks 
10.6.25. DHCP
10.6.26. DDoS
10.6.27. Regular Expressions
- Regexploit Find regular expressions which are vulnerable to ReDoS 
10.6.28. Shellcode
- go shellcode A repository of Windows Shellcode runners and supporting utilities 
10.6.29. Authorization Bypass
10.6.30. Exploitation Platforms
10.6.31. Exploit Libraries
- thc ipv6 IPv6 attack toolkit 
10.6.32. Exploitation Frameworks
10.6.33. Windows
- PyWSUS a standalone implementation of a legitimate WSUS server which sends malicious responses to clients