Java反序列化/JNDI注入/恶意类生成工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。
☆148Dec 21, 2025Updated 2 months ago
Alternatives and similar repositories for ysogate
Users that are interested in ysogate are comparing it to the libraries listed below
Sorting:
- A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…☆570Feb 4, 2026Updated 3 weeks ago
- 本工具为jeecg框架漏洞利用工具非jeecg-boot!☆184Aug 13, 2024Updated last year
- 帆软bi反序列化漏洞利用工具☆190Mar 23, 2024Updated last year
- 用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc☆123Oct 12, 2024Updated last year
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆549Dec 7, 2025Updated 2 months ago
- ☆20Feb 27, 2022Updated 4 years ago
- 用友漏洞综合利用工具☆263Nov 9, 2024Updated last year
- 帆软报表漏洞检测工具☆113Jun 10, 2025Updated 8 months ago
- 帆软bi反序列化漏洞利用工具☆415Jan 25, 2025Updated last year
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆461Jan 12, 2025Updated last year
- JNDIExploit or a ysoserial.☆1,738Dec 31, 2025Updated 2 months ago
- Comprehensive fullstack e-commerce application built with cutting-edge technologies to provide a seamless online shopping experience.☆76Nov 14, 2024Updated last year
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆502Jan 12, 2026Updated last month
- 使用 agent 实现反序列化 utf8 overlong☆83Apr 24, 2024Updated last year
- 免杀生成aspx的脚本☆26Sep 22, 2024Updated last year
- Yonyou-UNSERIALIZE,用友NC 反序列化检查工具,批量检测用友NC 反序列化☆50Jul 21, 2023Updated 2 years ago
- 使用JAVAFX写了一个Thinkphp的GUI漏洞检测利用工具☆120Aug 10, 2025Updated 6 months ago
- 哥斯拉jsp/jspx免杀webshell生成器☆208Apr 28, 2023Updated 2 years ago
- 魔改版,实现冰蝎直连内存马,无需修改冰蝎客户端☆76Jan 3, 2024Updated 2 years ago
- ☆30Dec 6, 2024Updated last year
- Robust estimations from distribution structures: III. Non-asymptotic☆25Feb 10, 2024Updated 2 years ago
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆125Jan 14, 2025Updated last year
- xxl-job内存马☆227Jan 26, 2025Updated last year
- 在spring-aop中新发现的反序列化gadget-chain☆52Jan 12, 2025Updated last year
- 无需文件落地Agent内存马生成器☆249May 30, 2024Updated last year
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆261Feb 15, 2026Updated 2 weeks ago
- Geoserver综合利用工具☆108Jan 7, 2026Updated last month
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- CVE-2023-46604☆63Nov 3, 2023Updated 2 years ago
- ☆26Dec 13, 2024Updated last year
- 亿赛通电子文档安全管理系统XStream反序列化漏洞任意文件上传利用☆120Aug 9, 2024Updated last year
- xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作,上传,job等相应操作。☆195Nov 25, 2023Updated 2 years ago
- Nacos Derby命令执行漏洞利用脚本☆151Apr 7, 2025Updated 10 months ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆770Jan 26, 2022Updated 4 years ago
- 用友 nc 系列密码解密☆61Apr 7, 2023Updated 2 years ago
- CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段☆276Dec 13, 2024Updated last year
- 单进程浏览器模拟爆破 通过selenium实现 支持CSS选择☆19May 9, 2025Updated 9 months ago
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆554Feb 1, 2024Updated 2 years ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,339Feb 8, 2026Updated 3 weeks ago