Anthem-whisper / YApi-Exploit
YApi boolean-based injection exploit.
☆58Updated last year
Related projects ⓘ
Alternatives and complementary repositories for YApi-Exploit
- JNDI/LDAP注入利用工具,对命令进行两种编码,支持多种绕过高版本JDK的方式(参考大佬代码造的轮子)☆42Updated 2 years ago
- 窃取当前用户的ssh,sudo密码☆69Updated last year
- Java 内存马生成插件☆50Updated last year
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 2 years ago
- detect gitlab detail version☆48Updated 2 months ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆30Updated last week
- ☁️Tencent Cloud AccessKey tools☆16Updated 4 months ago
- CodeQL 寻找 JNDI利用 Lookup接口☆162Updated 2 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- 连接eval一句话webshell,获得可交互的虚拟终端☆97Updated 2 years ago
- docker运行cs4.7server端☆37Updated last year
- Spel-research☆24Updated 2 years ago
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆65Updated 4 months ago
- ☆4Updated 2 years ago
- ☆51Updated 2 years ago
- CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE☆38Updated 2 years ago
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆85Updated 2 years ago
- 无影脚 - 命令行下的日志文件处理工具☆51Updated 2 years ago
- webshell manager libraries | 网站管理工具☆123Updated 2 years ago
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆50Updated 2 years ago
- <a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…☆53Updated this week
- 基于SerializationDumper的Shiro Cookie序列化数据解密小工具☆52Updated 4 years ago
- Yapi RCE漏洞批量验证与伪交互SHELL☆42Updated 3 years ago
- Redis primary/secondary replication RCE☆43Updated 2 years ago
- anonymous to cluster-admin via Heapdump.☆29Updated last year