LiAoRJ / CS_fakesubmit
一个可以伪装上线Cobaltstrike的脚本
☆132Updated 2 years ago
Alternatives and similar repositories for CS_fakesubmit:
Users that are interested in CS_fakesubmit are comparing it to the libraries listed below
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆275Updated 2 years ago
- fastjson不出网利用、c3p0☆252Updated 3 years ago
- 基于dbcp的fastjson rce 回显☆191Updated 3 years ago
- 禅道相关poc☆164Updated 10 months ago
- CobaltStrike 上线自动权限维持插件☆184Updated 3 years ago
- Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践☆223Updated last year
- Java内存马注入工具☆245Updated 2 years ago
- Godzilla插件|内存马|Suo5内存代理|jmg for Godzilla☆222Updated 11 months ago
- Exchange 服务器安全性的辅助测试工具☆322Updated last year
- Assassin是一款精简的基于命令行的webshell管理工具,它有着多种payload发送方式和编码方式,以及精简的payload代码,使得它成为隐蔽的暗杀者,难以被很好的防御。☆116Updated 2 years ago
- fscan修改版☆136Updated 2 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆257Updated 2 years ago
- fastjson 80 远程代码执行漏洞复现☆192Updated 2 years ago
- Armor 浏览器反蜜罐插件 honeypot☆179Updated 3 years ago
- X系列安全工具-AV免杀框架-BypassAV☆206Updated 2 years ago
- 免杀死亡笔记☆115Updated 2 years ago
- A memory shell for ruoyi☆244Updated 2 years ago
- 一款可以过国内所有杀软可以过云查杀的shellcode loader☆147Updated 3 years ago
- woodpecker框架weblogic信息探测插件☆180Updated 3 years ago
- 利用阿里云oss对象存储,来转发http流量实现(cs)Cobalt Strike、msf 上线等 这之间利用阿里云的相关域名进行通信。☆149Updated 2 years ago
- 获取 alibaba druid 一些 sessions , sql , urls☆269Updated last month
- 下架☆141Updated 3 years ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)☆291Updated last year
- ☆219Updated 3 years ago
- ☆283Updated 3 years ago
- 冰蝎、哥斯拉 jsp webshell通信流量解密器☆142Updated 2 years ago
- CVE-2022-22947 注入Godzilla内存马☆208Updated 3 years ago
- ☆184Updated 7 months ago
- BCEL encode/decode manager for fastjson payloads☆146Updated 2 years ago
- ☆210Updated 8 months ago