黑客(駭客)漏洞偵測神器
黑客(駭客)漏洞偵測神器
資料來源: https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651152620&idx=2&sn=77958f4ffa32d4e9f2b18ea3310c7687&chksm=8c217b76bb56f260c23ccd08f3460848886b6a83d391f7ece6ac8c07f2d0eb8385517467f1ca&scene=126&sessionid=1597626085&key=baed9475c9f7eb8b641611e3a80a18e53f54a722ab315ad19a2a76577737b6781a3e0ed46552098989a7f600ce0284e75d08a00aaae565aed205e227f1fe4bac6859dea37841cbb84f72d19162c78328ea83b2fba88f4251cdec50599c93832e833a984322865560839565a96444208afea801a6bd5416ad8172724c991626b3&ascene=1&uin=MjIwODk2NDgxNw%3D%3D&devicetype=Windows+10+x64&version=62090529&lang=zh_TW&exportkey=AipDZHHdoFo9DMZzYTU88uA%3D&pass_ticket=6Z9NdHcBm1qk9sF%2BYpxKSf5Dog0WVjk5xbUEiTqTA%2B9SuuiZGFOAf%2BFF5HL1Yem3
01.SQL注入漏洞(SQLmap)
項目地址:http://sqlmap.org/
02.專注於Web瀏覽器的滲透測試工具(beef)
項目地址:https://beefproject.com/
03.文件包含漏洞(LFISuite)
項目地址:https://github.com/D35m0nd142/LFISuite
04.CSRF漏洞的測試工具(CSRFTester)
項目地址:https://wiki.owasp.org/index.php/File:CSRFTester-1.0.zip
05.外部實體注入漏洞(XXEinjector)
項目地址:https://github.com/enjoiz/XXEinjector
06.Xpath注入(XCat)
項目地址:https://github.com/orf/xcat
07.Struts漏洞利用(K8 Struts2 Exploit)
推薦理由:Struts2綜合漏洞利用工具,包含收集信息,執行命令、文件上傳、連接小馬、文件管理等功能。
08.Jboss漏洞
項目地址:https://github.com/joaomatosf/jexboss