RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
☆449Sep 7, 2022Updated 3 years ago
Alternatives and similar repositories for rmiscout
Users that are interested in rmiscout are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- Java RMI enumeration and attack tool.☆748Sep 28, 2017Updated 8 years ago
- Java RMI Vulnerability Scanner☆920Jul 3, 2024Updated last year
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆110Oct 10, 2020Updated 5 years ago
- JMX enumeration and attacking tool.☆505Jun 26, 2025Updated 11 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆661Feb 1, 2025Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆661Feb 21, 2024Updated 2 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- MOGWAI LABS JMX exploitation toolkit☆207Mar 13, 2023Updated 3 years ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…☆771Feb 16, 2021Updated 5 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,177May 26, 2023Updated 3 years ago
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,083Jun 15, 2021Updated 4 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,073Jun 21, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A fake JDBC driver that allows OS command execution.☆126Oct 2, 2022Updated 3 years ago
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- Notes about attacking Jenkins servers☆2,098Jul 10, 2024Updated last year
- Java Message Exploitation Tool☆509Jul 6, 2022Updated 3 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- A helpful Java Deserialization exploit framework.☆1,240Feb 17, 2025Updated last year
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆424Jul 27, 2022Updated 3 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆389Apr 16, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 6 years ago
- ☆1,387Jul 2, 2020Updated 5 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆802Nov 7, 2021Updated 4 years ago
- Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop☆1,282Nov 2, 2022Updated 3 years ago
- A malicious LDAP server for JNDI injection attacks☆1,084Sep 28, 2023Updated 2 years ago
- goddi (go dump domain info) dumps Active Directory domain information☆427May 31, 2022Updated 4 years ago
- ODAT: Oracle Database Attacking Tool☆1,762Mar 31, 2026Updated 2 months ago
- .NET Project for Attacking vCenter☆559Nov 11, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell☆496Mar 15, 2023Updated 3 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,460Dec 18, 2022Updated 3 years ago
- Exploit for CVE-2020-3952 in vCenter 6.7☆275Apr 16, 2020Updated 6 years ago
- A tool to abuse Exchange services☆2,305Jun 10, 2024Updated 2 years ago
- 利用链、漏洞检测工具☆376Jul 31, 2024Updated last year
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- RMI 反序列化环境 一步步☆214Aug 31, 2020Updated 5 years ago