H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may be exploited, and screening results need to be excluded by themselves. Looking forward to Fork and Star.
☆50Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Fastjson-Gadgets-Automatic-Scanner
- ☆51Updated 2 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- e-mesaage <=4.15 后台jar包上传exp☆47Updated 5 years ago
- 卸载冰蝎内存马☆68Updated 3 years ago
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆85Updated 2 years ago
- java☆54Updated last year
- ☆41Updated 5 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 2 years ago
- mvn clean package -DskipTests☆45Updated last year
- XxlJob<=2.1.2配置不当情况下反序列化RCE☆72Updated 4 years ago
- ☆4Updated 2 years ago
- 2020年~2021年 网站CMS、中间件、框架系统漏洞集合☆36Updated 3 years ago
- 一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。☆56Updated 5 years ago
- 魔改的冰蝎,仅供测试连接内存webshell使用☆38Updated 4 years ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- jre8u20 gadget☆33Updated 3 years ago
- ThinkPHP各版本反序列化利用代码☆32Updated 4 years ago
- OXID_Find by Csharp(多线程) 通过OXID解析器获取Windows远程主机上网卡地址 From @RcoIl☆52Updated 4 years ago
- Learning JAVA for Security☆31Updated 2 years ago
- CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE☆38Updated 2 years ago
- CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC☆17Updated 4 years ago
- CVE-2021-4034, For Webshell Version.☆34Updated 2 years ago
- ☆4Updated 4 years ago