Dliv3 / redis-rogue-serverLinks
Redis 4.x/5.x RCE
☆548Updated 4 years ago
Alternatives and similar repositories for redis-rogue-server
Users that are interested in redis-rogue-server are comparing it to the libraries listed below
Sorting:
- redis 4.x/5.x master/slave getshell module☆364Updated 5 years ago
- 通过 Redis 主从写出无损文件☆717Updated 5 years ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆722Updated 2 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆706Updated 4 years ago
- Java RCE 回显测试代码☆1,012Updated 4 years ago
- EHole(棱洞)-红队重点攻击系统指纹探测工具☆472Updated 4 years ago
- oracle 数据库命令执行☆563Updated 4 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆893Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆121Updated 4 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆363Updated 3 years ago
- Shiro-721 RCE Via RememberMe Padding Oracle Attack☆262Updated 4 years ago
- ☆319Updated 4 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆530Updated 4 years ago
- 适用于Cobalt Strike的插件☆553Updated 4 years ago
- Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】☆247Updated 3 years ago
- Cobalt Strike team server password brute force tool☆395Updated 7 years ago
- fastjson一键命令执行☆523Updated 4 years ago
- An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability☆471Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆356Updated 2 years ago
- burp插件 ShiroScan 主要用于框架、无dnslog key检测☆426Updated 2 years ago
- poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。☆281Updated 4 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆723Updated 3 years ago
- Redis-Attack By Replication (通过主从复制攻击Redis)☆337Updated 2 years ago
- antsword bypass PHP disable_functions☆200Updated 2 years ago
- Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测☆516Updated 5 years ago
- 本项目用于搜集 2022 年的漏洞,注意:本项目并不刻意搜集 POC 或 EXP,主要以CVE-2021、CVE-2022 为关键词,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用☆382Updated 3 years ago
- 80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…☆797Updated 11 months ago
- Struts2系列漏洞检查工具☆430Updated 5 years ago
- 内存马Demo合集 memshell demo for java / php / python☆410Updated 4 years ago
- ☆512Updated 2 years ago