9.6. 漏洞利用/检测

文章目录

• 9.6. 漏洞利用/检测
• 9.6.1. 数据库注入
• 9.6.2. 非结构化数据库注入
• 9.6.3. 数据库漏洞利用
• 9.6.4. XSS
• 9.6.5. SSRF
• 9.6.6. 模版注入
• 9.6.7. 命令注入
• 9.6.8. PHP
• 9.6.9. LFI
• 9.6.10. struts
• 9.6.11. CMS
• 9.6.12. Java框架
• 9.6.13. DNS相关漏洞
• 9.6.14. DNS数据提取
• 9.6.15. DNS 隧道
• 9.6.16. DNS Shell
• 9.6.17. XXE
• 9.6.18. 反序列化
• 9.6.19. JNDI
• 9.6.20. 端口Hack
• 9.6.21. JWT
• 9.6.22. 无线
• 9.6.23. 中间人攻击
• 9.6.24. DHCP
• 9.6.25. DDoS
• 9.6.26. Shellcode
• 9.6.27. 越权

9.6. 漏洞利用/检测

9.6.1. 数据库注入

• SQLMap
• bbqsql

9.6.2. 非结构化数据库注入

• NoSQLAttack
• NoSQLMap
• Nosql Exploitation Framework
• MongoDB audit

9.6.3. 数据库漏洞利用

• mysql unsha1

9.6.4. XSS

• BeEF
• XSS Reciver
• DSXS
• XSStrike
• xsssniper
• tracy
• xsleaks A collection of browser-based side channel attack vectors

9.6.5. SSRF

• SSRFmap
• SSRF Proxy
• Gopherus
• SSRF Testing

9.6.6. 模版注入

• tplmap

9.6.7. 命令注入

• commix

9.6.8. PHP

• Chankro Herramienta para evadir disable_functions y open_basedir

9.6.9. LFI

• LFISuite
• FDsploit

9.6.10. struts

• struts scan

9.6.11. CMS

• Joomla Vulnerability Scanner
• Drupal enumeration & exploitation tool
• Wordpress Vulnerability Scanner
• TPscan 一键ThinkPHP漏洞检测
• edecmscan 织梦全版本漏洞扫描

9.6.12. Java框架

• ShiroScan Shiro<=1.2.4反序列化检测工具
• fastjson rce tool fastjson命令执行利用工具

9.6.13. DNS相关漏洞

• dnsAutoRebinding
• AngelSword
• Subdomain TakeOver
• mpDNS
• JudasDNS Nameserver DNS poisoning
• singularity A DNS rebinding attack framework by NGC Group

9.6.14. DNS数据提取

• dnsteal
• DNSExfiltrator
• dns exfiltration by krmaxwell
• dns exfiltration by coryschwartz
• requestbin for dns

9.6.15. DNS 隧道

• dnstunnel de
• iodine

9.6.16. DNS Shell

• chashell
• dnscat2

9.6.17. XXE

• XXEinjector
• XXER

9.6.18. 反序列化

• ysoserial
• JRE8u20 RCE Gadget
• Java Serialization Dumper
• marshalsec Java Unmarshaller Security - Turning your data into code execution
• gadgetinspector A byte code analyzer for finding deserialization gadget chains in Java applications

9.6.19. JNDI

• Rogue JNDI A malicious LDAP server for JNDI injection attacks

9.6.20. 端口Hack

• Oracle Database Attacking Tool
• nmap vulners
• nmap nse scripts
• Vulnerability Scanning with Nmap

9.6.21. JWT

• jwtcrack

9.6.22. 无线

• infernal twin

9.6.23. 中间人攻击

• mitmproxy
• MITMf
• ssh mitm
• injectify
• Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
• toxy Hackable HTTP proxy for resiliency testing and simulated network conditions

9.6.24. DHCP

• DHCPwn

9.6.25. DDoS

• Saddam

9.6.26. Shellcode

• go shellcode A repository of Windows Shellcode runners and supporting utilities

9.6.27. 越权

• secscan authcheck