00theway / Ghostcat-CNVD-2020-10487
Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938)
☆364Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Ghostcat-CNVD-2020-10487
- A tiny project for generating SnakeYAML deserialization payloads☆563Updated 5 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆712Updated 3 years ago
- Java RMI Vulnerability Scanner☆828Updated 4 months ago
- exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts☆161Updated last year
- Tools, utilities and scripts to help you write redis modules!☆263Updated 5 months ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆176Updated 2 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆555Updated 3 years ago
- IOXIDResolver.py from AirBus Security☆220Updated last year
- Sudo Baron Samedit Exploit☆737Updated 2 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆527Updated 9 months ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆218Updated 2 months ago
- Exploit for Drupal 7 <= 7.57 CVE-2018-7600☆130Updated 6 years ago
- CVE-2019-1388 UAC提权 (nt authority\system)☆185Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆585Updated 3 years ago
- CVE-2020–14882、CVE-2020–14883☆284Updated 4 years ago
- ☆465Updated last year
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆803Updated last year
- JMX enumeration and attacking tool.☆392Updated last month
- iis6 exploit 2017 CVE-2017-7269☆87Updated last year
- Remote Code Injection In Log4j☆460Updated 2 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆348Updated 2 years ago
- Log4j jndi injects the Payload generator☆489Updated 2 years ago
- Blind WAF identification tool☆616Updated 4 months ago
- RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1☆157Updated 3 years ago
- A super small jsp webshell with file upload capabilities.☆290Updated 3 years ago
- The great impacket example scripts compiled for Windows☆918Updated 5 years ago
- Proof of Concept Exploit for vCenter CVE-2021-21972☆252Updated 3 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆744Updated 7 months ago
- ☆398Updated 2 years ago
- project-blacklist3r☆499Updated 2 years ago