Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Java

Elixir

C#

Swift

Go

F#

Crystal

Python

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Perl

C++

Nix

Go

JavaScript

R

Groovy

Jupyter Notebook

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇭🇳 Honduras

🇨🇻 Cabo Verde

🇳🇬 Nigeria

🇬🇭 Ghana

🇻🇳 Vietnam

🇧🇫 Burkina Faso

🇹🇱 Timor-Leste

🇧🇮 Burundi

All Countries Compare Countries

lijiejie/IIS_shortname_Scanner

Stars
522
Rank 84,811 (Top 2 %)
Language
Python
Created about 10 years ago
Updated almost 2 years ago

lijiejie/IIS_shortname_Scanner

lijiejie

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

an IIS shortname Scanner

IIS shortname Scanner

Under certain circumstances, windows 8.3 short names may be bruteforce enumerated under IIS with .net enabled,

request these two urls:

If the first one return HTTP 404 and the second one return no 404. Your server might be exploitable to this vulnerability.

Change Log (Oct 27, 2016)

Bug fixed: extention short than 4 letters like /webdeb~1.cs now could be enumerated
Code reconstruction

Usage

	iis_shortname_Scan.py target

from http://www.lijiejie.com my[at]lijiejie.com

subDomainsBrute

A fast sub domain brute tool for pentesters

GitHack

A `.git` folder disclosure exploit

BBScan

A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers

ds_store_exp

A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.

swagger-exp

A Swagger API Exploit

htpwdScan

HTTP weak pass scanner

EasyPen

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

eyes.sh

Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.

idea_exploit

Gather sensitive information from (.idea) folder for pentesters

MisConfig_HTTP_Proxy_Scanner

The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers

edu-dns-zone-transfer

script to scan edu.cn DNS Servers

log4j2_vul_local_scanner

Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)

struts2_045_scan

Struts2-045 Scanner

OutLook_WebAPP_Brute

Microsoft Outlook WebAPP Brute

WIFIpass

decrypt all saved WIFI passwords on your PC

chromePass

Decrypt all saved Chrome passwords

NPUcat

NPUcat one click proxy

DNS_AXFR_Client

A python DNS Transfer Client

lijiejie