00theway / Ghostcat-CNVD-2020-10487
Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)
☆383Updated 5 years ago
Alternatives and similar repositories for Ghostcat-CNVD-2020-10487:
Users that are interested in Ghostcat-CNVD-2020-10487 are comparing it to the libraries listed below
- A tiny project for generating SnakeYAML deserialization payloads☆587Updated 5 years ago
- Tools, utilities and scripts to help you write redis modules!☆270Updated 9 months ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆177Updated 2 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆725Updated 3 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆573Updated 4 years ago
- iis6 exploit 2017 CVE-2017-7269☆87Updated 2 years ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆237Updated 4 months ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆389Updated 2 years ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆162Updated last year
- Exploit for Drupal 7 <= 7.57 CVE-2018-7600☆133Updated 6 years ago
- Java RMI Vulnerability Scanner☆854Updated 8 months ago
- CVE-2020–14882、CVE-2020–14883☆283Updated 4 years ago
- The great impacket example scripts compiled for Windows☆948Updated 6 years ago
- Sudo Baron Samedit Exploit☆743Updated 3 years ago
- CVE-2019-1388 UAC提权 (nt authority\system)☆185Updated 5 years ago
- ☆469Updated last year
- IOXIDResolver.py from AirBus Security☆239Updated last year
- Grafana Unauthorized arbitrary file reading vulnerability☆355Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆853Updated 2 years ago
- Log4j jndi injects the Payload generator☆486Updated 3 years ago
- A super small jsp webshell with file upload capabilities.☆294Updated 3 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆595Updated 4 years ago
- ☆402Updated 3 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆351Updated 2 years ago
- Remote Code Injection In Log4j☆463Updated 3 years ago
- 🎯 Server Side Template Injection Payloads☆634Updated 8 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆592Updated last year
- RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1☆157Updated 4 years ago
- Privilege escalation with polkit - CVE-2021-3560☆118Updated 3 years ago
- Redis(<=5.0.5) RCE☆1,038Updated last year