JavanXD / Demo-Exploit-Jackson-RCE
Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
☆17Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for Demo-Exploit-Jackson-RCE
- Jira未授权SSRF漏洞☆31Updated 5 years ago
- ☆34Updated 5 years ago
- Dependencies with Log4j2 Checklist☆35Updated 2 years ago
- POC for leaking java version through file and ftp protocols☆24Updated 4 years ago
- A Burp Extender plugin, that will take deserialized AMF objects and encode them in XML using the Xtream library☆27Updated 9 years ago
- CVE-2019-2890 WebLogic 反序列化RCE漏洞☆41Updated 4 years ago
- Native Java serialization filter blacklist for common gadgets☆20Updated 5 years ago
- Several XStream gadgets ported from ysoserial☆32Updated 3 years ago
- Papers☆34Updated 5 years ago
- None of the exploit code or research is my own but all available in public domain☆27Updated 5 years ago
- CVE-2020-11651: Proof of Concept☆40Updated 3 years ago
- Additional materials for RootedCON 2015 Apache Struts talk☆28Updated 9 years ago
- ☆21Updated 5 years ago
- A Zhiyuan OA Collaborative Office Remote Code Execution Vulnerability on Windows☆36Updated 5 years ago
- ☆12Updated 7 years ago
- A fastjson payload generator☆56Updated 4 years ago
- ☆65Updated 3 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Updated 5 years ago
- Learn how to get a reverse shell from JIRA application server☆24Updated 5 years ago
- bugbounty tools☆18Updated last year
- ☆63Updated 5 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆73Updated 4 years ago
- X41 BeanStack - Stack Trace Fingerprinting BETA☆52Updated 4 years ago
- ☆27Updated 3 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Updated 4 years ago
- Plugin For BurpSuite (Pentester)☆35Updated 2 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Updated 4 years ago
- This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).☆17Updated 3 years ago