KpLi0rn / ysoserialLinks
在原有yso基础上实现依赖分离,内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 4 years ago
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- Java漏洞分析汇合☆142Updated 3 years ago
- springboot跨线程注入内存马☆122Updated 3 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆91Updated 3 years ago
- 一个Spring4Shell 被动式检测的Burp插件☆94Updated 3 years ago
- fastjson 80 远程代码执行漏洞复现☆200Updated 3 years ago
- ☆122Updated 2 years ago
- weblogic历史漏洞利用工具☆90Updated 3 years ago
- ☆83Updated 4 years ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆79Updated 3 years ago
- Java命令行文件监控小工具(代码审计)☆103Updated 4 years ago
- 基于SerializationDumper的Shiro Cookie序列化数据解密小工具☆53Updated 5 years ago
- woodpecker框架weblogic信息探测插件☆184Updated 3 years ago
- java☆54Updated 2 years ago
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆91Updated 2 years ago
- Shiro内存马注入环境☆62Updated 4 years ago
- 利用字符集编码绕过waf的burpsuite插件☆124Updated 4 years ago
- ☆97Updated 2 years ago
- SMTP Netcat , test SMTP protocol☆105Updated 3 years ago
- ☆108Updated 3 years ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆69Updated 3 weeks ago
- 泛微OA_V9全版本的SQL远程代码执行漏洞☆157Updated 3 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆263Updated 3 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆131Updated 3 years ago
- Druid 密文解密工具☆135Updated 4 years ago
- 基于dbcp的fastjson rce 回显☆197Updated 4 years ago
- Godzilla java Decode,哥斯拉jsp(内存马)流量解密☆112Updated 3 years ago
- xxl-job未授权命令执行☆113Updated 3 years ago
- Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践☆229Updated 2 years ago
- 蓝凌OA的前后台密码的加解密工具☆95Updated 4 years ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆170Updated 2 years ago