Java-Chains / papersLinks
Topic: The Swiss Army Knife of Java Exploitation
☆21Updated 8 months ago
Alternatives and similar repositories for papers
Users that are interested in papers are comparing it to the libraries listed below
Sorting:
- Spring-Kafka-Deserialization-Remote-Code-Execution☆30Updated 2 years ago
- 7bits安全团队-《Java安全-记一次实战使用memoryshell》代码样例☆19Updated 2 years ago
- portreuse reuseport 端口复用☆61Updated 2 years ago
- My security presentations☆28Updated 2 years ago
- Windows & linux Echo to file command converter☆25Updated 4 years ago
- ☆21Updated 8 months ago
- ActiveMQ RCE (CVE-2023-46604) 回显利用工具☆36Updated last year
- 在spring-aop中新发现的反序列化gadget-chain☆51Updated 9 months ago
- CVE-2020-4464 / CVE-2020-4450☆33Updated 4 years ago
- 轻便的恶意反代☆48Updated 4 years ago
- c/s网络准入平台☆20Updated 2 years ago
- POC for Spring Kafka Deserialization Vulnerability CVE-2023-34040☆45Updated 2 weeks ago
- 一个基于DNS隧道的简单C2☆59Updated 3 years ago
- CrossC2通信协议API实现☆84Updated 4 years ago
- 多组件客户端☆74Updated 5 months ago
- 利用EFSRPC协议批量探测出网☆65Updated 2 years ago
- The Poc for CVE-2024-20931☆74Updated last year
- Hessian UTF-8 Overlong Encoding☆19Updated last year
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆66Updated last year
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆89Updated 3 years ago
- ☆19Updated 2 years ago
- 针对kubernetes中的RBAC可能被攻击检测工具。Detection tool for possible attacks on RBAC in kubernetes.☆26Updated last year
- ☆15Updated 3 years ago
- CVE-2024-43044的利用方式☆20Updated last year
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆48Updated 3 years ago
- 内存加载执行golang elf二进制文件☆28Updated 3 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆90Updated 2 years ago
- Exchange ProxyRelay POC☆37Updated 3 years ago
- detect gitlab detail version☆55Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆69Updated 2 years ago