Ape1ron / SpringAopInDeserializationDemo1Links

在spring-aop中新发现的反序列化gadget-chain

☆52

Alternatives and similar repositories for SpringAopInDeserializationDemo1

Users that are interested in SpringAopInDeserializationDemo1 are comparing it to the libraries listed below

Sorting:

TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆48Updated 4 months ago
0xrumble / BytecodeScreen
☆50Updated 3 years ago
yezere / codeql_n1ght
方便自己搭建codeql环境和数据库的工具。
☆64Updated 5 months ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆65Updated 2 years ago
flowerwind / AutoGenerateXalanPayload
cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
☆93Updated 3 years ago
jorgectf / jdk4QL
Java JDK 8-18 CodeQL databases
☆17Updated last year
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆39Updated last year
Boogipop / Netty-WebFlux-Memshell
Netty/WebFlux 内存马
☆26Updated 2 years ago
cwkiller / ClassLinefix
Java bytecode line number restoration tool
☆132Updated 5 months ago
Ape1ron / davinci
多组件客户端
☆74Updated 9 months ago
bluE0a / java-memshell-scanner
添加Connector内存马与ws内存马检测逻辑
☆16Updated 3 years ago
turn1tup / JvmRaspBypass
☆17Updated 3 years ago
H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
☆49Updated 3 years ago
lightless233 / sign-me-2
Easy burp sign extension!
☆56Updated last year
ax1sX / SpringSecurity
A list for Spring Security
☆128Updated 2 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆45Updated 3 years ago
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆69Updated 4 years ago
wangsz05 / LearnDemo
☆16Updated 3 years ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
pacemrc / VulDebug
Java漏洞调试分析集合
☆91Updated last year
yzddmr6 / MyPresentations
My security presentations
☆29Updated 2 years ago
Y4tacker / CobaltStrike4.7ServerDocker
docker运行cs4.7server端
☆39Updated 3 years ago
sf197 / MemoryShellHunter
Java Agent memory horse scanner combined with Call Graph modus
☆65Updated 3 years ago
xiaopan233 / Java_agent_without_file
Java agent without file 无文件的Java agent
☆82Updated 3 years ago
webraybtl / StudyCodeQLpy
☆19Updated 2 years ago
Xsw6 / JavaSec
☆29Updated 2 years ago
ffadd / JNDIKit
JNDI/LDAP注入利用工具，对命令进行两种编码，支持多种绕过高版本JDK的方式（参考大佬代码造的轮子）
☆44Updated 4 years ago
cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆143Updated 7 months ago
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆71Updated last year
Rvn0xsy / DumperAnalyze
通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
☆116Updated last year