Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040)

Close

Contrast-Security-OSS / Spring-Kafka-POC-CVE-2023-34040View on GitHubMore

• External links
• Readme badge

POC for Spring Kafka Deserialization Vulnerability CVE-2023-34040

☆46Apr 16, 2026Updated 3 weeks ago

Alternatives and similar repositories for Spring-Kafka-POC-CVE-2023-34040

Users that are interested in Spring-Kafka-POC-CVE-2023-34040 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• di0xide-U / YSTupload

  View on GitHub
  亿赛通电子文档安全管理系统-/UploadFileFromClientServiceForClient 任意文件上传漏洞
  ☆13Aug 15, 2023Updated 2 years ago
• Garck3h / cve-2023-38831

  View on GitHub
  一款用于生成winrar程序RCE（即cve-2023-38831）的POC的工具。
  ☆128Aug 27, 2023Updated 2 years ago
• waderwu / nativeRasp

  View on GitHub
  nativeRasp that can hook native methods
  ☆23Apr 24, 2023Updated 3 years ago
• GlassyAmadeus / CVE-2024-20931

  View on GitHub
  The Poc for CVE-2024-20931
  ☆75Feb 2, 2024Updated 2 years ago
• ffadd / JNDIKit

  View on GitHub
  JNDI/LDAP注入利用工具，对命令进行两种编码，支持多种绕过高版本JDK的方式（参考大佬代码造的轮子）
  ☆43Dec 22, 2021Updated 4 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• NorthShad0w / NetOuter

  View on GitHub
  一键出网探测工具
  ☆73Feb 25, 2023Updated 3 years ago
• luelueking / jvm-sandbox-rasp

  View on GitHub
  一个基于jvm-sandbox高度定制化rasp
  ☆57Sep 28, 2023Updated 2 years ago
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆245May 8, 2024Updated 2 years ago
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp

  View on GitHub
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆231Aug 8, 2023Updated 2 years ago
• trganda / ActiveMQ-RCE

  View on GitHub
  CVE-2023-46604
  ☆29Oct 26, 2023Updated 2 years ago
• tabby-sec / tabby-vul-finder

  View on GitHub
  A vul-finder for loading CPG and automated finding vul-call-chains
  ☆72Jul 22, 2025Updated 9 months ago
• DXask88MA / Weblogic-CVE-2023-21839

  View on GitHub
  ☆238Feb 26, 2023Updated 3 years ago
• wikiZ / thinkphp3.2.x_rce

  View on GitHub
  ThinkPHP 3.2.X POC Report By 风起
  ☆12Apr 24, 2023Updated 3 years ago
• WAY29 / javaGGC

  View on GitHub
  javaGGC for generate commons.collections gadget chain
  ☆12Nov 10, 2021Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• BeichenDream / JDR

  View on GitHub
  ☆147Jan 16, 2023Updated 3 years ago
• woodpecker-appstore / jexpr-encoder-utils

  View on GitHub
  Java表达式语句生成器
  ☆194Oct 9, 2023Updated 2 years ago
• Drun1baby / FineReportExploit

  View on GitHub
  帆软报表漏洞检测工具
  ☆116Jun 10, 2025Updated 10 months ago
• whocansee / FilelessAgentMemShell

  View on GitHub
  无需文件落地Agent内存马生成器
  ☆250May 30, 2024Updated last year
• BobTheShoplifter / CVE-2023-52251-POC

  View on GitHub
  CVE-2023-52251 There is a Remote Code Execution vulnerability provectus/kafka-ui.
  ☆21Jan 23, 2024Updated 2 years ago
• 4ra1n / mysql-fake-server

  View on GitHub
  纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY …
  ☆827Sep 18, 2023Updated 2 years ago
• cn-panda / ThymeleafSSTIBypass

  View on GitHub
  Thymeleaf SSTI Bypass
  ☆13Nov 24, 2021Updated 4 years ago
• Rvn0xsy / DumperAnalyze

  View on GitHub
  通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
  ☆118Jun 18, 2024Updated last year
• YYHYlh / Dubbo-Scan

  View on GitHub
  一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
  ☆172Aug 9, 2023Updated 2 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• Mr-xn / CVE-2024-32113

  View on GitHub
  Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]
  ☆27Jun 3, 2024Updated last year
• Y4Sec-Team / no-templates

  View on GitHub
  如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
  ☆53Sep 10, 2023Updated 2 years ago
• Y4tacker / HackingFernFlower

  View on GitHub
  2023白帽补天大会部分代码
  ☆128Dec 26, 2023Updated 2 years ago
• 0x7eTeam / macbox

  View on GitHub
  mac标签栏工具,mac工具箱
  ☆24Dec 10, 2024Updated last year
• flowerwind / AutoGenerateXalanPayload

  View on GitHub
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆93Jan 17, 2023Updated 3 years ago
• luelueking / Java-CVE-Lists

  View on GitHub
  ☆19Jun 7, 2023Updated 2 years ago
• luelueking / RuoYi-v4.7.8-RCE-POC

  View on GitHub
  ☆253Feb 25, 2024Updated 2 years ago
• l3yx / jdwp-codeifier

  View on GitHub
  基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
  ☆325Dec 22, 2024Updated last year
• alwaystest18 / dnsVerifier

  View on GitHub
  一款批量验证dns可用性的工具
  ☆25Jun 14, 2023Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Esonhugh / yapi-rce-webshell

  View on GitHub
  Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小
  ☆66Jul 4, 2024Updated last year
• coffeehb / nginx_swagger

  View on GitHub
  这个项目主要用于辅助测试Swagger的XSS漏洞
  ☆39Jun 11, 2022Updated 3 years ago
• yzddmr6 / Java-Js-Engine-Payloads

  View on GitHub
  Java Js Engine Payloads All in one
  ☆291Aug 21, 2023Updated 2 years ago
• W01fh4cker / CVE-2024-22120-RCE

  View on GitHub
  Time Based SQL Injection in Zabbix Server Audit Log --> RCE
  ☆137May 21, 2024Updated last year
• A0WaQ4 / Weaver_ofslogin_vul

  View on GitHub
  组合利用泛微信息泄漏漏洞和任意用户登录漏洞，可获取全部loginId并测试登录
  ☆59Aug 3, 2023Updated 2 years ago
• jar-analyzer / jar-analyzer-v1-gui

  View on GitHub
  建议使用新版：https://github.com/jar-analyzer/jar-analyzer
  ☆898Nov 30, 2023Updated 2 years ago
• ukey321 / Jasmin-Ransomware-zh

  View on GitHub
  Jasmin Ransomware 是一款用于模拟真实勒索软件攻击的高级红队工具（WannaCry Clone）。Jasmin 帮助安全研究人员克服外部攻击的风险。
  ☆16Nov 11, 2022Updated 3 years ago