java xxe defense demo
☆49Jul 18, 2019Updated 6 years ago
Alternatives and similar repositories for java-xxe-defense-demo
Users that are interested in java-xxe-defense-demo are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆125Jul 17, 2020Updated 5 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- ☆28Jul 18, 2020Updated 5 years ago
- ☆17Apr 17, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- ☆835Jun 7, 2022Updated 3 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆203Apr 26, 2021Updated 5 years ago
- bypassD盾、安全狗、云锁☆107Mar 31, 2021Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- 参赛所用的sshop平台☆11Jun 26, 2018Updated 7 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- CVE-2019-14540 Exploit☆21Aug 21, 2019Updated 6 years ago
- Java RCE 回显测试代码☆1,014Oct 15, 2020Updated 5 years ago
- A fake JDBC driver that allows OS command execution.☆126Oct 2, 2022Updated 3 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,083Jun 15, 2021Updated 4 years ago
- Detect webshells.☆11Aug 14, 2020Updated 5 years ago
- Writeup and environment for XCTF2021Final-Dubbo☆44May 31, 2021Updated 4 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated 11 months ago
- Apache Superset Auth Bypass (CVE-2023-27524)☆11May 9, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- CTF stuff☆40Dec 5, 2022Updated 3 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- ysoserial for 1nhann☆11Sep 26, 2022Updated 3 years ago
- Analysis Financial Attacker Groups, 金融行业攻击者团伙研究☆23Jun 24, 2021Updated 4 years ago
- javaGGC for generate commons.collections gadget chain☆12Nov 10, 2021Updated 4 years ago
- Apache Solr Exploits 🌟☆346Oct 13, 2020Updated 5 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆153Jun 24, 2019Updated 6 years ago
- gosec动态��规则修改版☆12Jun 29, 2021Updated 4 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 9 years ago
- ☆12Jan 13, 2018Updated 8 years ago
- 一些Java RASP demo☆11Sep 26, 2019Updated 6 years ago
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆211Sep 27, 2024Updated last year
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 6 years ago