LFYSec / Tomcat-AJP-EXPView external linksLinks
Java version of Tomcat-AJP-EXP, for practice
☆42Oct 13, 2020Updated 5 years ago
Alternatives and similar repositories for Tomcat-AJP-EXP
Users that are interested in Tomcat-AJP-EXP are comparing it to the libraries listed below
Sorting:
- A c0 -> LLVM IR compiler, with some optimization.☆13Jul 13, 2020Updated 5 years ago
- SUCTF iCloudMusic 源码及writeup☆10Oct 12, 2022Updated 3 years ago
- My-CTF-Challenge☆11Oct 23, 2020Updated 5 years ago
- Tomcat-Ajp协议文件读取漏洞☆795Mar 3, 2020Updated 5 years ago
- 基于docker运行在单机上的awd平台,仅适用于小规模的队内练习使用☆70Feb 7, 2020Updated 6 years ago
- 为应对CTF比赛而搭建的各种环境☆156May 9, 2020Updated 5 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Mar 25, 2020Updated 5 years ago
- Weblogic IIOP CVE-2020-2551☆340Apr 7, 2020Updated 5 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- 打CTF实在厌倦了找利用链,就知道一个fastjson的版本,一堆依赖找啊找,头都疼。为了解决这个烦恼,用了卓卓师傅的fastjson黑名单工具和库,自己改造了一下。☆32Jan 3, 2020Updated 6 years ago
- HTTP/HTTPS proxy server by golang [high performance version]☆54Jul 25, 2020Updated 5 years ago
- My CTF Challenges☆16Nov 6, 2024Updated last year
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- antsword bypass PHP disable_functions☆208Nov 18, 2022Updated 3 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- A fastjson payload generator☆59Oct 13, 2020Updated 5 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- procfs-based PHP sandbox bypass☆133Sep 19, 2018Updated 7 years ago
- java web 压缩文件 安全 漏洞☆20Mar 17, 2020Updated 5 years ago
- 一个抓取phpinfo重要信息的小工具☆29Mar 5, 2019Updated 6 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- 好好打比赛、、、emmmm 投机取巧是不好的☆30Sep 30, 2018Updated 7 years ago
- golang 版本的 nc ,支持平时使用的大部分功能,并增加了流量rc4加密☆38Nov 18, 2020Updated 5 years ago
- log4j-patch 修改字节码实现补丁防御☆20Dec 10, 2021Updated 4 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- ☆12Nov 16, 2020Updated 5 years ago
- MySQL fake server for read files of connected clients☆606Jul 23, 2017Updated 8 years ago
- Reference:https://www.w2n1ck.com/article/44/☆155Mar 7, 2020Updated 5 years ago
- Redis RCE 的几种方法☆90Jun 5, 2024Updated last year
- A Simple Backdoor For Apache HTTP Server☆156Aug 28, 2024Updated last year
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Converts JBoss/Wildfly management users properties file to hashcat format compatible with mode 20☆12Apr 26, 2020Updated 5 years ago
- 应急响应时收集Windows机器信息☆12Jul 18, 2022Updated 3 years ago
- Windows Antivirus Evasion and Memory Injection☆12Feb 19, 2022Updated 3 years ago
- ☆18Mar 27, 2025Updated 10 months ago