Artemis1029/Java_xmlhack external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Artemis1029/Java_xmlhack

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Artemis1029/Java_xmlhack)

Close

Artemis1029 / Java_xmlhackView on GitHubMore

• External links
• Readme badge

帮助java环境下任意文件下载情况自动化读取源码的小工具

☆167Apr 5, 2019Updated 6 years ago

Alternatives and similar repositories for Java_xmlhack

Users that are interested in Java_xmlhack are comparing it to the libraries listed below

• threedr3am / tomcat-cluster-session-sync-exp

  View on GitHub
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212May 19, 2020Updated 5 years ago
• LandGrey / ClassHound

  View on GitHub
  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
  ☆711May 10, 2021Updated 4 years ago
• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• Slzdude / behinder_source

  View on GitHub
  Behinder3.0 Beta4 源码（Decompile and Fixed）
  ☆206Sep 1, 2020Updated 5 years ago
• l3m0n / Bypass_Disable_functions_Shell

  View on GitHub
  一个各种方式突破Disable_functions达到命令执行的shell
  ☆1,198Oct 17, 2023Updated 2 years ago
• opensec-cn / vtest

  View on GitHub
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆866Jul 21, 2019Updated 6 years ago
• r35tart / RedisWriteFile

  View on GitHub
  通过 Redis 主从写出无损文件
  ☆719May 25, 2020Updated 5 years ago
• dpu / coremail-address-book

  View on GitHub
  📧Coremail邮件系统组织通讯录导出脚本
  ☆158Sep 28, 2021Updated 4 years ago
• Tycx2ry / SweetPotato_CS

  View on GitHub
  修改的SweetPotato，使之可以用于CobaltStrike v4.0
  ☆246Apr 30, 2020Updated 5 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• uknowsec / loginlog_windows

  View on GitHub
  读取登录过本机的登录失败或登录成功的所有计算机信息，在内网渗透中快速定位运维管理人员。
  ☆221Sep 30, 2019Updated 6 years ago
• lufeirider / CVE-2019-2725

  View on GitHub
  CVE-2019-2725 命令回显
  ☆436May 8, 2023Updated 2 years ago
• Ivan1ee / NET-Deserialize

  View on GitHub
  总结了20+.Net反序列化文章，持续更新
  ☆748Apr 3, 2024Updated last year
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,016Oct 15, 2020Updated 5 years ago
• l3m0n / WebFuzzAttack

  View on GitHub
  web模糊测试 - 将漏洞可能性放大
  ☆145Apr 23, 2019Updated 6 years ago
• feihong-cs / JspMaster-Deprecated

  View on GitHub
  一款基于webshell命令执行功能实现的GUI webshell管理工具，支持流量加密
  ☆218Jun 4, 2021Updated 4 years ago
• 0xedh / mstsc-path-traversal

  View on GitHub
  mstsc.exe Path Traversal to RCE POC
  ☆91May 23, 2019Updated 6 years ago
• Mel0day / RedTeam-BCS

  View on GitHub
  BCS（北京网络安全大会）2019 红队行动会议重点内容
  ☆819Sep 4, 2019Updated 6 years ago
• dr0op / WeblogicScan

  View on GitHub
  增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
  ☆968Jun 16, 2024Updated last year
• lufeirider / BypassShell

  View on GitHub
  anti AV
  ☆292Mar 12, 2020Updated 5 years ago
• hayasec / reGeorg-Weblogic

  View on GitHub
  reGeorg的特殊版本，适用于老版本weblogic。
  ☆151Apr 30, 2020Updated 5 years ago
• aleenzz / MSSQL_SQL_BYPASS_WIKI

  View on GitHub
  MSSQL注入提权,bypass的一些总结
  ☆737Jun 25, 2024Updated last year
• 1120362990 / vulnerability-list

  View on GitHub
  在渗透测试中快速检测常见中间件、组件的高危漏洞。
  ☆728Mar 21, 2022Updated 3 years ago
• fnmsd / MySQL_Fake_Server

  View on GitHub
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,360Nov 18, 2021Updated 4 years ago
• c0ny1 / FastjsonExploit

  View on GitHub
  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
  ☆1,388Dec 16, 2022Updated 3 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆484Dec 9, 2020Updated 5 years ago
• uknowsec / SharpToolsAggressor

  View on GitHub
  内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
  ☆498Feb 13, 2020Updated 6 years ago
• fnmsd / ChunkedHTTPAdapter

  View on GitHub
  参考《利用分块传输吊打所有WAF》修改的requests的Adapter
  ☆98Jan 31, 2019Updated 7 years ago
• WBGlIl / IIS_backdoor

  View on GitHub
  backdoor
  ☆262Jul 26, 2025Updated 7 months ago
• QAX-A-Team / sharpwmi

  View on GitHub
  sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆716Aug 3, 2021Updated 4 years ago
• grayddq / EBurst

  View on GitHub
  这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
  ☆339May 22, 2023Updated 2 years ago
• 7dog7 / bottleneckOsmosis

  View on GitHub
  瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
  ☆717Jul 20, 2022Updated 3 years ago
• virink / xray-weblisten-ui

  View on GitHub
  Xray 被动扫描管理
  ☆59May 1, 2020Updated 5 years ago
• 0xzmz / burpsuite_jsapi

  View on GitHub
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆114Mar 13, 2023Updated 2 years ago
• evi1ox / MSSQL_BackDoor

  View on GitHub
  ☆159Aug 4, 2020Updated 5 years ago
• iceyhexman / flask_memory_shell

  View on GitHub
  Flask 内存马
  ☆313Mar 26, 2021Updated 4 years ago
• al0ne / MacCheck

  View on GitHub
  一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项
  ☆78Jul 21, 2020Updated 5 years ago