exploit for fastjson remote code execution vulnerability
☆153Dec 16, 2022Updated 3 years ago
Alternatives and similar repositories for fastjson-rce-exploit
Users that are interested in fastjson-rce-exploit are comparing it to the libraries listed below
Sorting:
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆400Jan 24, 2025Updated last year
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- 用于记录分享一些有趣的案例☆865Jan 10, 2022Updated 4 years ago
- 获取系统KB补丁对于的MS号☆24Aug 18, 2019Updated 6 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- CVE-2018-3245-PoC☆172Jul 13, 2021Updated 4 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- Apache Solr Exploits 🌟☆348Oct 13, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year
- WebLogic wls9-async反序列化远程命令执行漏洞☆240May 26, 2019Updated 6 years ago
- ☆51Mar 25, 2015Updated 10 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- CVE-2019-3396 confluence SSTI RCE☆174Oct 1, 2020Updated 5 years ago
- CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE☆63Jun 1, 2023Updated 2 years ago
- fastjson-1.2.47☆67Aug 5, 2019Updated 6 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- Weblogic IIOP CVE-2020-2551☆338Apr 7, 2020Updated 5 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- ATT&CK实操☆373Sep 7, 2019Updated 6 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆153Feb 25, 2019Updated 7 years ago
- 免杀webshell无限生成工具☆1,288Apr 3, 2020Updated 5 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆73Feb 21, 2020Updated 6 years ago
- Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch☆114May 21, 2018Updated 7 years ago
- 命令行版向日葵RCE漏洞利用工具 / cmd version of sunlogin exploit tool☆15Mar 26, 2022Updated 3 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- 此项目用来提取收集以往泄露的密码中符合条件的强弱密码☆1,131Apr 1, 2019Updated 6 years ago
- 蚁剑其他脚本AES编/解码器☆36Aug 28, 2019Updated 6 years ago
- jenkins CVE-2017-1000353 POC☆56May 21, 2025Updated 10 months ago
- Cobalt Strike插件 - RDP日志取证&清除☆363Dec 23, 2019Updated 6 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019…☆511Oct 1, 2020Updated 5 years ago
- Citrix ADC从权限绕过到RCE☆45Jul 12, 2020Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago