struts2_check - 一个用于识别目标网站是否采用Struts2框架开发的工具demo

  •        10

一个用于识别目标网站是否采用Struts2框架开发的工具demo

https://github.com/coffeehb/struts2_check

Tags
Implementation
License
Platform

   




Related Projects

Struts2 TemplateDispatcherResult

  •    Java

It is a lightweight extension on top of Struts2. Web page layouts will be defined in template JSP files, and each part of page content will be implemented in a standalone JSP file. struts.xml will be used to assemble layouts and content together.

maven-framework-project - 基于maven的多框架和多视图融合技术(Struts1、Struts2、Spring、SpringMVC、Hibernate、Ibatis、MyBatis、Spring Data JPA、DWR)

  •    Java

基于maven的多框架和多视图融合技术(Struts1、Struts2、Spring、SpringMVC、Hibernate、Ibatis、MyBatis、Spring Data JPA、DWR)

DumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events

  •    Python

The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.

Cloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection

  •    Python

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.

EggShell - iOS/macOS/Linux Remote Administration Tool

  •    Objective-C

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.


msdat - MSDAT: Microsoft SQL Database Attacking Tool

  •    Python

MSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Tested on Microsof SQL database 2005, 2008 and 2012.

odat - ODAT: Oracle Database Attacking Tool

  •    Python

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Tested on Oracle Database 10g, 11g and 12c.

CloudFlair - 🔎 Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys

  •    Python

CloudFlair is a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should. The tool uses Internet-wide scan data from Censys to find exposed IPv4 hosts presenting an SSL certificate associated with the target's domain name.

hackUtils - It is a hack tool kit for pentest and web security research.

  •    Python

It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/.

xssor2 - XSS'OR - Hack with JavaScript.

  •    Javascript

XSS'OR - Hack with JavaScript. It contains three major modules: Encode/Decode, Codz, Probe.

struts2 - Mirror of Apache Struts 2

  •    Java

Mirror of Apache Struts 2

KofCMS

  •    

CMS???struts2+spring3+hibernate4+spring security??

JQzgf

  •    

???:struts2,UI:ligerUI ???:spring ???:ibatis

Alveole Studio MVC Web Project

  •    Java

An eclipse plugin for graphically designing MVC j2ee web project. Designed for Struts 2 (extensible to other frameworks). This can be seen as an eclipse plugin for struts2.

habu - Python Network Hacking Toolkit

  •    Python

I'm developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing.

scons - SCons - a software construction tool

  •    XSLT

Welcome to the SCons development tree. The real purpose of this tree is to package SCons for production distribution in a variety of formats, not just to hack SCons code. If all you want to do is install and run SCons, it will be easier for you to download and install the scons-{version}.tar.gz or scons-{version}.zip package rather than to work with the packaging logic in this tree.

MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics

  •    

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics and checklist, which is mapped OWASP Mobile Risk Top 10 for conducting pentest. Your contributions and suggestions are welcome.

Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning

  •    Python

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.

Pompem - Find exploit tool

  •    Python

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm security, CXSecurity, ZeroDay, Vulners, National Vulnerability Database, WPScan Vulnerability Database ... You can download the latest tarball by clicking here or latest zipball by clicking here.