EkiXu / marshalexp
☆20Updated last year
Related projects: ⓘ
- 2023白帽补天大会部分代码☆120Updated 8 months ago
- 检测查杀java内存马☆73Updated 9 months ago
- Java表达式语句生成器☆176Updated 11 months ago
- A Java Route Collection Tool☆75Updated last month
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆105Updated 6 months ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆33Updated last month
- ☆134Updated last year
- JDBC Attack Tricks☆134Updated last year
- Spel-research☆24Updated 2 years ago
- Some ReadObject Sink With JDBC☆177Updated 4 months ago
- 2023 各大 CTF 的比赛附件☆48Updated last year
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆78Updated 2 years ago
- A neo4j procedure for tabby☆111Updated 3 months ago
- proof-of-concept for generating Java deserialization payload | Proxy MemShell☆163Updated 3 months ago
- EndpointSearch 是一个探测云服务端点的扫描器。Endpoint Search is a sophisticated reconnaissance utility designed to discreetly identify and enumerate end…☆64Updated last month
- 《Spring漏洞研究》☆44Updated 2 years ago
- 这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具,能够执行shell命令,可以执行webshell☆69Updated last year
- Apache Dubbo漏洞测试Demo及其POC☆62Updated last year
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆44Updated last year
- 用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo��☆32Updated 5 months ago
- SpringBootAdmin-thymeleaf-SSTI which can cause RCE☆76Updated last year
- JDK CVE-2023-21939☆97Updated last year
- 是一些比赛中的好题,加上自己出的一些。。。☆41Updated 2 years ago
- A Go library for generating Java deserialization payloads.☆156Updated last week
- Java Agent memory horse scanner combined with Call Graph modus☆60Updated last year
- 多组件客户端☆66Updated last week
- Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit☆76Updated last year
- 《JNDI-深入理解Java万恶之源》☆38Updated 10 months ago
- fastjson 80 远程代码执行漏洞复现☆178Updated 2 years ago
- A malicious LDAP server for JNDI injection attacks☆50Updated last year