9.6. Vulnerability Exploitation / Detection

9.6.1. Database Injection

9.6.3. Database Vulnerability Exploitation

9.6.4. XSS

9.6.6. Template Injection

9.6.7. HTTP Request Smuggling

  • smuggler An HTTP Request Smuggling / Desync testing tool written in Python

  • h2cSmuggler HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

9.6.8. Command Injection

9.6.9. PHP

  • Chankro Tool to evade disable_functions and open_basedir

9.6.10. LFI

9.6.11. struts

9.6.13. Java Frameworks

9.6.14. DNS-Related Vulnerabilities

9.6.16. DNS Tunneling

9.6.17. DNS Shell

9.6.18. XXE

9.6.19. Deserialization

9.6.19.1. Java Deserialization

9.6.19.2. .NET Deserialization

  • viewgen ASP.NET ViewState Generator

9.6.20. JNDI

  • Rogue JNDI A malicious LDAP server for JNDI injection attacks

9.6.22. JWT

9.6.23. Wireless

9.6.24. Man-in-the-Middle Attacks

  • mitmproxy

  • MITMf

  • ssh mitm

  • injectify

  • Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

  • toxy Hackable HTTP proxy for resiliency testing and simulated network conditions

  • bettercap The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks

9.6.25. DHCP

9.6.26. DDoS

9.6.27. Regular Expressions

  • Regexploit Find regular expressions which are vulnerable to ReDoS

9.6.28. Shellcode

  • go shellcode A repository of Windows Shellcode runners and supporting utilities

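9.6.29. Authorization Bypass

9.6.30. Exploitation Platforms

  • DNSLog A tool for monitoring DNS resolution records and HTTP access records

  • LuWu An automated deployment tool for red team infrastructure

9.6.31. Exploit Libraries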

9.6.32. Windows

  • PyWSUS a standalone implementation of a legitimate WSUS server which sends malicious responses to clients