Alternatives and similar repositories for papers

Users that are interested in papers are comparing it to the libraries listed below

• Ape1ron / SpringAopInDeserializationDemo1
  在spring-aop中新发现的反序列化gadget-chain
  ☆48Updated 6 months ago
• pyn3rd / CVE-2023-34040
  Spring-Kafka-Deserialization-Remote-Code-Execution
  ☆30Updated last year
• woodpecker-appstore / EchoToFileConverter
  Windows & linux Echo to file command converter
  ☆25Updated 4 years ago
• yzddmr6 / MyPresentations
  My security presentations
  ☆28Updated last year
• Arlenhiack / ActiveMQ-RCE-Exploit
  ActiveMQ RCE (CVE-2023-46604) 回显利用工具
  ☆33Updated 10 months ago
• silentsignal / WebSphere-WSIF-gadget
  CVE-2020-4464 / CVE-2020-4450
  ☆33Updated 3 years ago
• purpleroc / mcp-security-inspector
  一个用于检测Model Context Protocol (MCP)安全性的Chrome扩展工具。
  ☆18Updated last week
• 7BitsTeam / LearningAgentShell
  7bits安全团队-《Java安全-记一次实战使用memoryshell》代码样例
  ☆19Updated 2 years ago
• iSafeBlue / presentation-slides
  ☆33Updated 2 years ago
• ZhuriLab / rbacr
  针对kubernetes中的RBAC可能被攻击检测工具。Detection tool for possible attacks on RBAC in kubernetes.
  ☆26Updated last year
• lz520520 / java-object-searcher
  ☆20Updated 4 months ago
• knightswd / NoPacScan
  NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script
  ☆89Updated 3 years ago
• X1r0z / hessian-overlong-encoding
  Hessian UTF-8 Overlong Encoding
  ☆18Updated last year
• Jumbo-WJB / portreuse
  portreuse reuseport 端口复用
  ☆62Updated last year
• H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
  Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
  ☆50Updated 3 years ago
• emo-crab / ysoserial-rs
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆69Updated 2 years ago
• Firebasky / GoRmi
  该项目是通过go语言实现防止rmi利用被反置的问题。
  ☆44Updated 3 years ago
• AntSwordProject / AntSword-Csharp-Template
  ☆19Updated 2 years ago
• s4vvysec / CVE-2024-4367-POC
  CVE-2024-4367 arbitrary js execution in pdf js
  ☆54Updated last year
• 0xrumble / BytecodeScreen
  ☆50Updated 2 years ago
• Contrast-Security-OSS / Spring-Kafka-POC-CVE-2023-34040
  POC for Spring Kafka Deserialization Vulnerability CVE-2023-34040
  ☆45Updated last year
• X1r0z / Dubbo-RCE
  PoC of Apache Dubbo CVE-2023-23638
  ☆33Updated last year
• Anthem-whisper / YApi-Exploit
  YApi boolean-based injection exploit.
  ☆58Updated 2 years ago
• bitterzzZZ / CVE-2021-43297-POC
  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
  ☆38Updated 3 years ago
• wangsz05 / LearnDemo
  ☆13Updated 2 years ago
• GlassyAmadeus / FuzzProject
  Show the application of fuzzy in penetration test~
  ☆13Updated 3 years ago
• bluE0a / java-memshell-scanner
  添加Connector内存马与ws内存马检测逻辑
  ☆16Updated 2 years ago
• ffadd / JNDIKit
  JNDI/LDAP注入利用工具，对命令进行两种编码，支持多种绕过高版本JDK的方式（参考大佬代码造的轮子）
  ☆44Updated 3 years ago
• Ridter / GetMail
  利用NTLM Hash读取Exchange邮件
  ☆61Updated 2 years ago
• Richard-Tang / CrossC2-C2Profile
  CrossC2通信协议API实现
  ☆84Updated 3 years ago