From 1b375d5acaa5fcfdce1c4e499e3b9230ca6eac94 Mon Sep 17 00:00:00 2001 From: Mrxn Date: Sat, 21 Nov 2020 12:47:23 +0800 Subject: [PATCH] =?UTF-8?q?add=20=E7=BB=95=E8=BF=87WAF=E7=9A=84=E5=8F=A6?= =?UTF-8?q?=E7=B1=BBwebshell=E6=9C=A8=E9=A9=AC=E6=96=87=E4=BB=B6=E6=B5=8B?= =?UTF-8?q?=E8=AF=95=E6=96=B9=E6=B3=95&TPScan.jar-Java=E7=BC=96=E5=86=99?= =?UTF-8?q?=E7=9A=84=E5=8D=95=E6=96=87=E4=BB=B6=E7=89=88=E7=9A=84TP?= =?UTF-8?q?=E6=BC=8F=E6=B4=9E=E6=89=AB=E6=8F=8F=E5=88=A9=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2313b28..d74add9 100644 --- a/README.md +++ b/README.md @@ -288,6 +288,7 @@ - [隐藏wifi-ssid获取 · theKingOfNight's Blog](./books/隐藏wifi-ssid获取%20·%20theKingOfNight's%20Blog.pdf) - [crt.sh证书/域名收集](./tools/crt.sh证书收集.py) - [TP漏洞集合利用工具py3版本-来自奇安信大佬Lucifer1993](https://github.com/Mr-xn/TPscan) +- [TPScan.jar-Java编写的单文件版的TP漏洞扫描利用](./tools/TPScan.jar)-[源处](https://github.com/tangxiaofeng7/TPScan) - [Python2编写的struts2漏洞全版本检测和利用工具-来自奇安信大佬Lucifer1993](https://github.com/Mr-xn/struts-scan) - [sqlmap_bypass_D盾_tamper](./tools/sqlmap_bypass_D盾_tamper.py) - [sqlmap_bypass_安全狗_tamper](./tools/sqlmap_bypass_安全狗_tamper.py) @@ -696,7 +697,7 @@ - [JNDI注入学习](./books/JNDI注入学习.pdf)-[原文地址](https://www.redteaming.top/2020/08/24/JNDI-Injection/) - [绕过CDN查找真实IP方法总结](./books/绕过CDN查找真实IP方法总结.pdf)-[原文地址](https://mp.weixin.qq.com/s/aSD6kTTOdVgoZXJuqTSqDQ) - [SQL注入简单总结——过滤逗号注入(附绕过tamper)](./books/SQL注入简单总结——过滤逗号注入.pdf)-[原地址](https://www.jianshu.com/p/d10785d22db2) -- []() +- [绕过WAF的另类webshell木马文件测试方法](./books/绕过WAF的另类webshell木马文件测试方法.pdf)-[源出](https://www.freebuf.com/articles/network/253803.html) ## 说明