205
This commit is contained in:
euphrat1ca 2019-12-11 19:01:34 +08:00
parent f60bb2d898
commit cc9cc59fbb
2 changed files with 2 additions and 1 deletions

View File

@ -65,6 +65,7 @@
### 数据库
- https://github.com/oliver006/redis_exporter //GO.redis未授权访问
- https://github.com/t0kx/exploit-CVE-2015-1427 //BASH.Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container远程命令执行
## 中间件漏洞
### Java框架相关漏洞
- https://github.com/x41sec/slides/blob/master/2019-bsides-stuttgart/YourStackTracesAreLeakingCVEs.pdf //Java服务异常信息查询敏感信息和漏洞信息列表
- https://github.com/NickstaDB/BaRMIe //JAVA.枚举测试Java RMI远程调用服务安全

View File

@ -22,7 +22,7 @@
- https://github.com/coffeehb/SSTIF //SSTI (服务器模板注入) 漏洞的半自动化工具
- https://github.com/tijme/angularjs-csti-scanner //探测客户端AngularJS模板注入漏洞工具
- https://github.com/epinna/tplmap //SSTI (服务器模板注入) 漏洞检测与利用工具
### TLS/SSL安全
### SSL/TLS安全
- https://github.com/hahwul/a2sv //SSL漏洞扫描包括OpenSSL心脏滴血漏洞\CSS注入\SSLv3 POODLE等
- https://github.com/nabla-c0d3/sslyze //PY3.SSL/TLS server扫描器
### 命令执行注入