mirror of
https://github.com/euphrat1ca/Security-List.git
synced 2026-06-30 21:09:51 +08:00
205
205
This commit is contained in:
parent
f60bb2d898
commit
cc9cc59fbb
@ -65,6 +65,7 @@
|
||||
### 数据库
|
||||
- https://github.com/oliver006/redis_exporter //GO.redis未授权访问
|
||||
- https://github.com/t0kx/exploit-CVE-2015-1427 //BASH.Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container远程命令执行
|
||||
## 中间件漏洞
|
||||
### Java框架相关漏洞
|
||||
- https://github.com/x41sec/slides/blob/master/2019-bsides-stuttgart/YourStackTracesAreLeakingCVEs.pdf //Java服务异常信息查询敏感信息和漏洞信息列表
|
||||
- https://github.com/NickstaDB/BaRMIe //JAVA.枚举测试Java RMI(远程调用服务)安全
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
- https://github.com/coffeehb/SSTIF //SSTI (服务器模板注入) 漏洞的半自动化工具
|
||||
- https://github.com/tijme/angularjs-csti-scanner //探测客户端AngularJS模板注入漏洞工具
|
||||
- https://github.com/epinna/tplmap //SSTI (服务器模板注入) 漏洞检测与利用工具
|
||||
### TLS/SSL安全
|
||||
### SSL/TLS安全
|
||||
- https://github.com/hahwul/a2sv //SSL漏洞扫描,包括OpenSSL心脏滴血漏洞\CSS注入\SSLv3 POODLE等
|
||||
- https://github.com/nabla-c0d3/sslyze //PY3.SSL/TLS server扫描器
|
||||
### 命令执行注入
|
||||
|
||||
Loading…
Reference in New Issue
Block a user