网安一哥奇安信2023年平均薪酬35.47w，不知道多少人被平均了

名称

名称

来源

URISearch_V1.1_T00LS_bate

目录扫描

turbo-intruder-all

高速爆破

https://github.com/PortSwigger/turbo-intruder

TsojanScan-1.4-jar-with-dependencies

漏洞检测，支持thinkphp、weblogic、fastjson、Laravel、SQL

https://github.com/Tsojan/TsojanScan

sqlmap4burp++.0.2

sqlmap联动

https://github.com/c0ny1/sqlmap4burp-plus-plus

RouteVulScan-1.4

被动漏洞扫描

https://github.com/F6JO/RouteVulScan

passive-scan-client-0.3.1

passive-scan-client-0.3.1

https://github.com/c0ny1/passive-scan-client

OutLook-1.2.0

OutLook信息获取

NPSauto-1.0

NPS反制

log4j2burpscanner-0.22.0

lo4j2漏洞检测

https://github.com/f0ng/log4j2burpscanner

knife-2.1-jar-with-dependencies

综合工具类似hackbar

https://github.com/bit4woo/knife

struts_ext_v2

struts漏洞检测

JWT4B-jar-with-dependencies

JWT

https://github.com/PortSwigger/json-web-tokens

J2EEScan

J2EE 应用程序漏洞检测

https://github.com/ilmila/J2EEScan

HTTPHeadModifer.v0.1

快速修改HTTP数据包头

HaE-2.4.6-J8

请求高亮标记与信息提取的辅助型框架式插件

https://github.com/gh0stkey/HaE

HackBar

hackbar

https://github.com/d3vilbug/HackBar

Fiora

漏洞快速搜索

https://github.com/bit4woo/Fiora

FastjsonScan

Fastjson反序列化检测

https://github.com/Maskhe/FastjsonScan

fakeIP

伪造指定ip

https://github.com/TheKingOfDuck/burpFakeIP

DaE

解密

chunked-coding-converter-0.4.0

分块传输绕WAF

https://github.com/c0ny1/chunked-coding-converter

captcha-killer-modified-0.21-beta-jdk8

图像验证码爆破

https://github.com/f0ng/captcha-killer-modified

BurpShiroPassiveScan

被动式shiro检测

https://github.com/pmiaowu/BurpShiroPassiveScan

BurpFastJsonScan

被动式FastJson检测

https://github.com/pmiaowu/BurpFastJsonScan

burp-info-extractor

快速提取数据中有价值的信息

https://github.com/theLSA/burp-info-extractor

Burp-Auto-Do-Intercept-0.0.3-all

自动拦截指定URL

https://github.com/xiaoxiaoleo/Burp-Auto-Do-Intercept

APIKit

主动/被动扫描发现应用泄露的API文档

https://github.com/API-Security/APIKit