Esonhugh/yapi-rce-webshell external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Esonhugh/yapi-rce-webshell

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Esonhugh/yapi-rce-webshell)

Close

Esonhugh / yapi-rce-webshellView on GitHubMore

• External links
• Readme badge

Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小

☆66Jul 4, 2024Updated last year

Alternatives and similar repositories for yapi-rce-webshell

Users that are interested in yapi-rce-webshell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 1ucky7 / MySQL_Fake_Server_for_woodpecker_yso

  View on GitHub
  MySQL_Fake_Server-啄木鸟yso适配版
  ☆45Sep 20, 2024Updated last year
• Ridter / PySQLTools

  View on GitHub
  Mssql利用工具
  ☆277Aug 7, 2023Updated 2 years ago
• S9MF / ShiroScan2

  View on GitHub
  基于BurpShiroPassiveScan修改增加了Xray回显链生成
  ☆56Sep 6, 2022Updated 3 years ago
• YYHYlh / Dubbo-Scan

  View on GitHub
  一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
  ☆171Aug 9, 2023Updated 2 years ago
• corener / JavaPassDump

  View on GitHub
  JavaPassDump
  ☆273Jan 7, 2022Updated 4 years ago
• ethushiroha / JavaAgentTools

  View on GitHub
  用Java agent实现内存马等功能
  ☆198Jul 27, 2023Updated 2 years ago
• seventeenman / noELF

  View on GitHub
  Linux下用于远程加载可执行文件以达到内存加载的目的
  ☆202Nov 9, 2022Updated 3 years ago
• djhons / ssSocks5

  View on GitHub
  魔改shadowsocks，实现socks5内网穿透。
  ☆63Nov 28, 2025Updated 3 months ago
• lele8 / SharpDBeaver

  View on GitHub
  DBeaver数据库密码解密工具
  ☆199Nov 29, 2023Updated 2 years ago
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp

  View on GitHub
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆230Aug 8, 2023Updated 2 years ago
• 0xf4n9x / CDGXStreamDeserRCE

  View on GitHub
  亿赛通电子文档安全管理系统XStream反序列化漏洞任意文件上传利用
  ☆120Aug 9, 2024Updated last year
• BeichenDream / CVE-2022-26134-Godzilla-MEMSHELL

  View on GitHub
  ☆342Jun 7, 2022Updated 3 years ago
• TonyNPham / GodzillaPlugin-Suo5-MemProxy

  View on GitHub
  一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
  ☆288Aug 8, 2023Updated 2 years ago
• A0WaQ4 / Dahua_sso_initsession_upload_rce

  View on GitHub
  大华智慧园区系统sso_initsession文件上传批量脚本
  ☆21Sep 4, 2023Updated 2 years ago
• achuna33 / MYJNDIExploit

  View on GitHub
  自己的JNDI 利用工具，添加一些人性化功能
  ☆131Sep 4, 2022Updated 3 years ago
• MaskCyberSecurityTeam / BurpHttpHelper

  View on GitHub
  BurpHttpHelper是一款Burpsuite插件，主要用于简化和解决Burpsuite对Http的一些操作.
  ☆109Jan 22, 2023Updated 3 years ago
• Bl0omZ / JNDIEXP

  View on GitHub
  JNDI在java高版本的利用工具,FUZZ利用链
  ☆597Oct 8, 2022Updated 3 years ago
• rebeyond / JNDInjector

  View on GitHub
  一个高度可定制化的JNDI和Java反序列化利用工具
  ☆472Jan 17, 2023Updated 3 years ago
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆310Aug 6, 2023Updated 2 years ago
• SPuerBRead / shovel

  View on GitHub
  Docker容器逃逸工具（Docker Escape Tools）
  ☆279Dec 15, 2022Updated 3 years ago
• pap1rman / postnacos

  View on GitHub
  哥斯拉nacos后渗透插件 maketoken adduser
  ☆150Jul 7, 2023Updated 2 years ago
• A0WaQ4 / BurpCRLFScan

  View on GitHub
  使用java编写的CRLF-Injection-burp被动扫描插件
  ☆45Dec 20, 2022Updated 3 years ago
• f0ng / selistener

  View on GitHub
  用于解决判断出网情况的问题，以http、ldap、rmi以及socket形式批量监听端口，在web界面进行结果查看
  ☆127Apr 17, 2023Updated 2 years ago
• LTianHang / ShiroUploadTools

  View on GitHub
  Shiro文件上传工具
  ☆102Jun 28, 2023Updated 2 years ago
• RowTeam / SharpExchangeKing

  View on GitHub
  Exchange 服务器安全性的辅助测试工具
  ☆331Jul 21, 2023Updated 2 years ago
• hosch3n / FastjsonVulns

  View on GitHub
  [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
  ☆91Sep 2, 2022Updated 3 years ago
• idiotc4t / sharpwmi

  View on GitHub
  (批量化改造)sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆108Jan 8, 2021Updated 5 years ago
• novysodope / RMI_Inj_MemShell

  View on GitHub
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆253Jul 12, 2023Updated 2 years ago
• pmiaowu / log4j2Scan

  View on GitHub
  用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
  ☆212Apr 18, 2023Updated 2 years ago
• Anion3r / MSSQLProxy

  View on GitHub
  一个能够利用MSSQL的xp_cmdshell功能来进行流量代理的脚本，用于在站酷分离且不出网SQL注入进行代理
  ☆107Sep 19, 2022Updated 3 years ago
• bmth666 / Yongyou-Unserialize-plus

  View on GitHub
  用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc
  ☆125Oct 12, 2024Updated last year
• BeichenDream / InjectJDBC

  View on GitHub
  注入JVM进程 动态获取目标进程连接的数据库
  ☆341Mar 6, 2022Updated 4 years ago
• BeichenDream / Chunk-Proxy

  View on GitHub
  ☆295May 7, 2022Updated 3 years ago
• lele8 / SharpUserIP

  View on GitHub
  获取服务器或域控登录日志
  ☆276Sep 8, 2023Updated 2 years ago
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆555Feb 1, 2024Updated 2 years ago
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆462Jan 12, 2025Updated last year
• sv3nbeast / DnslogCmdEcho

  View on GitHub
  命令执行不回显但DNS协议出网的命令回显场景解决方案
  ☆277Jan 10, 2023Updated 3 years ago
• yusinomy / Rpcon

  View on GitHub
  内网横向利用工具，用于ssh wmiexec等常规服务，也可以当作一个数据库执行命令工具
  ☆68May 15, 2023Updated 2 years ago
• For-ACGN / MS17-010

  View on GitHub
  An EternalBlue exploit implementation in pure go
  ☆100Nov 22, 2020Updated 5 years ago