BMSK1994 / JavaDeserialize-Note
Tomcat内存马、XStream、Fastjson、Weblogic T3安全笔记
☆40Updated 3 years ago
Related projects: ⓘ
- 安服面经☞渗透测试/代码审计/安全研究☆26Updated 2 years ago
- Spel-research☆24Updated 2 years ago
- burpsuite插件-被动无感识别指纹-主动poc扫描☆20Updated last week
- ☆35Updated 2 years ago
- ☁️Tencent Cloud AccessKey tools☆16Updated 2 months ago
- 一个Spring4Shell 被动式检测的Burp插件☆93Updated 2 years ago
- Java内存马相关小工具☆19Updated last year
- 一个简单的批量反编译jar包的小脚本☆30Updated 2 years ago
- Java 内存马生成插件☆48Updated last year
- Java命令行文件监控小工具(代码审计)☆92Updated 2 years ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆68Updated last year
- ☆51Updated this week
- burpsuite wildcard 插件维护分支☆1Updated last year
- 对接JNDIMonitor的Burp Suite被动扫描插件☆23Updated 2 years ago
- Spring core bean 日志 getshell 和 Spring Cloud Function SpEL 命令执行。☆35Updated 2 years ago
- 《Spring漏洞研究》☆44Updated 2 years ago
- 《JNDI-深入理解Java万恶之源》☆38Updated 10 months ago
- ☆17Updated this week
- 内网渗透相关总结☆37Updated 2 years ago
- 一个针对shiro反序列化漏洞(CVE-2016-4437)的快速利用工具/A simple tool targeted at shiro framework attacks with ysoserial.☆23Updated 2 years ago
- 一款探测fastjson漏洞的BurpSuite插件☆60Updated 2 years ago
- ☆26Updated this week
- ☆66Updated 3 years ago
- 利用shiro反序列化注入冰蝎内存马☆33Updated 2 years ago
- ☆47Updated this week
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆84Updated last year
- CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC☆17Updated 4 years ago
- FofaMap云查询版是基于C/S架构打造的Fofa数据采集器,仅需配置好一个服务端,即可实现多个客户端同时在线查询,其客户端支持FofaMap国庆版全部功能。☆39Updated last year
- 《ASPX安全-只有ASPX安全才能拯救.NET》Only ASPX Security Can Save The NET.☆33Updated last year
- ☆46Updated this week