HackJava / Spring
《Spring漏洞研 究》
☆44Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Spring
- Spel-research☆24Updated 2 years ago
- Tomcat内存马、XStream、Fastjson、Weblogic T3安全笔记☆40Updated 3 years ago
- springboot跨线程注入内存马☆114Updated 2 years ago
- java☆54Updated last year
- 《JNDI-深入理解Java万恶之源》☆39Updated 11 months ago
- Apache Dubbo Hessian2 CVE-2021-43297 demo☆46Updated 2 years ago
- CodeQL 寻找 JNDI利用 Lookup接口☆161Updated 2 years ago
- 《ASPX安全-只有ASPX安全才能拯救.NET》Only ASPX Security Can Save The NET.☆33Updated 2 years ago
- Java 内存马生成插件☆49Updated last year
- Java命令行文件监控小工具(代码审计)☆95Updated 2 years ago
- Java漏洞分析汇合☆143Updated 2 years ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆78Updated 2 years ago
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆30Updated 4 months ago
- The purpose of this script is to bypass disablefund, provide some useful information, and dig the hook function of PHP extension.☆14Updated 3 years ago
- Apache Dubbo漏洞测试Demo及其POC☆61Updated last year
- fastjson 80 远程代码执行漏洞复现☆179Updated 2 years ago
- ☆51Updated 2 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- 自己积累的一些Java反序列化利用链☆86Updated last year
- ☁️Tencent Cloud AccessKey tools☆16Updated 3 months ago
- A Java Route Collection Tool☆84Updated 3 months ago
- Shiro漏洞实例源码☆25Updated 3 years ago
- 在原有yso基础上实现依赖分离,内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆68Updated 3 years ago
- <a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…☆53Updated this week
- 收录go语言编写的项目、框架和组件出现的cve,或者一些相关的利用方式的文章☆36Updated last year
- pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550,…☆49Updated 2 years ago
- Lessons for syntaxflow zero to hero☆42Updated last month
- ☆4Updated 2 years ago