AfterSnows / ApricusFindEvilLinks

检测查杀java内存马

☆79

Alternatives and similar repositories for ApricusFindEvil

Users that are interested in ApricusFindEvil are comparing it to the libraries listed below

Sorting:

Le1a / CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
☆80Updated last year
FFreestanding / JavaUnserializeChain
自己积累的一些Java反序列化利用链
☆89Updated 2 years ago
webraybtl / ysoserialbtl
基于ysoserial扩展命令执行结果回显，生成冰蝎内存马
☆89Updated last year
turn1tup / JspEncounter
☆117Updated last year
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆52Updated last year
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆53Updated 3 years ago
YYHYlh / Dubbo-Scan
一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
☆168Updated last year
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆51Updated last year
Ar3h / utf8-overlong-agent
使用 agent 实现反序列化 utf8 overlong
☆77Updated last year
Getshell / Fanzhi
《FanZhi-攻击与反制的艺术》
☆65Updated last year
woodpecker-appstore / springboot-vuldb
☆69Updated 4 years ago
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Updated 3 months ago
pho3n1x-web / HTTPServerGO
这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具，能够执行shell命令,可以执行webshell
☆78Updated 2 years ago
ax1sX / MemShell
MemShell List
☆81Updated last year
triplexlove / javasocket
java实现反序列化建立socket连接
☆60Updated 5 months ago
passer-W / snakeyaml-memshell
springboot跨线程注入内存马
☆119Updated 3 years ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆102Updated 3 years ago
0range-x / dragon-lab
☆56Updated last year
Lonely-night / fastjsonVul
fastjson 80 远程代码执行漏洞复现
☆194Updated 2 years ago
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆155Updated 8 months ago
byname66 / SerializeJava
用Go+Fyne开发的，展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。
☆109Updated 4 months ago
TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆45Updated 5 months ago
ax1sX / RouteCheck-Alpha
A Java Route Collection Tool
☆97Updated 10 months ago
KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 3 years ago
luelueking / CVE-2022-25845-In-Spring
CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
☆93Updated 6 months ago
turn1tup / JvmRaspBypass
☆14Updated 2 years ago
a1phaboy / MenoyGone
Attack cobalt strike server’s FCS by DoW
☆72Updated last year
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆142Updated last year
pacemrc / VulDebug
Java漏洞调试分析集合
☆89Updated last year
vulhub / JNDIExploit
A malicious LDAP server for JNDI injection attacks
☆52Updated 2 years ago