Coder Social home page Coder Social logo

PocHubs

PocHubs是为了整合网上知名开源框架的漏洞详细和POC,目前计划完善的是ThinkPHP、WordPress等平台。

ThinkPHP

使用方法:

# 进入网站根目录,如 /var/www/
cd /var/www
# 创建 thinkphp5 目录 tp5 ,拉取 thinkphp5 代码
git clone https://github.com/top-think/framework.git /var/www/tp5
# 创建 thinkphp3 目录 tp3 ,拉取 thinkphp3 代码
git clone https://github.com/top-think/thinkphp.git /var/www/tp3

详细漏洞列表可查看 ThinkPHP.md

目前已收录

ThinkPHP3 ThinkPHP5
ThinkPHP3.2.3_缓存函数设计缺陷可导致Getshell ThinkPHP5_SQL注入漏洞&&敏感信息泄露
ThinkPHP3.2.3_最新版update注入漏洞 ThinkPHP5.0.10缓存函数设计缺陷可导致Getshell
ThinkPHP3.2.X_find_select_delete注入 ThinkPHP框架5.0.X_sql注入漏洞分析
ThinkPHP3.X_order_by注入漏洞 ThinkPHP5.X_order_by注入漏洞
ThinkPHP5.X_远程代码执行

WordPress

使用方法:

# 进入网站根目录,如 /var/www/
cd /var/www
# 创建 wordpress 目录 wp ,并拉取 wordpress 代码
git clone https://github.com/WordPress/WordPress.git /var/www/wp

详细漏洞列表可查看 WordPress.md

目前未整合

The Poc Hubs's Projects

dnslog-go icon dnslog-go

DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具,自带WEB界面

easypen icon easypen

EasyPen is a GUI program which helps pentesters do information gathering, vulnerability scan and exploitation

godnslog icon godnslog

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

hacklog4j icon hacklog4j

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!

log4j2scan icon log4j2scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

logout4shell icon logout4shell

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell

nuclei icon nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

pochubs icon pochubs

PocHubs是为了整合网上知名开源框架的漏洞详细和POC

proxypool icon proxypool

自动抓取tg频道、订阅地址、公开互联网上的ss、ssr、vmess、trojan节点信息,聚合去重后提供节点列表

revsuit icon revsuit

RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

sigma icon sigma

Generic Signature Format for SIEM Systems

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.