00theway / Ghostcat-CNVD-2020-10487
Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)
☆362Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Ghostcat-CNVD-2020-10487
- A tiny project for generating SnakeYAML deserialization payloads☆561Updated 5 years ago
- Tools, utilities and scripts to help you write redis modules!☆262Updated 4 months ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆176Updated 2 years ago
- CVE-2019-1388 UAC提权 (nt authority\system)☆185Updated 4 years ago
- A super small jsp webshell with file upload capabilities.☆289Updated 3 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆711Updated 3 years ago
- Exploit for Drupal 7 <= 7.57 CVE-2018-7600☆130Updated 6 years ago
- IOXIDResolver.py from AirBus Security☆217Updated last year
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆552Updated 3 years ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆218Updated last month
- iis6 exploit 2017 CVE-2017-7269☆86Updated last year
- Java RMI Vulnerability Scanner☆828Updated 4 months ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆161Updated last year
- The great impacket example scripts compiled for Windows☆916Updated 5 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆799Updated last year
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆585Updated 3 years ago
- Sudo Baron Samedit Exploit☆737Updated 2 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆508Updated 9 months ago
- CVE-2020–14882、CVE-2020–14883☆284Updated 3 years ago
- RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1☆158Updated 3 years ago
- ☆465Updated last year
- JMX enumeration and attacking tool.☆392Updated last month
- Encoder to bypass WAF filters using XOR operations.☆250Updated 2 years ago
- Blind WAF identification tool☆613Updated 4 months ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆348Updated 2 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆373Updated last year
- Remote Code Injection In Log4j☆459Updated 2 years ago
- project-blacklist3r☆495Updated 2 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆742Updated 7 months ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆112Updated 5 years ago