一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
☆346Aug 8, 2025Updated 9 months ago
Alternatives and similar repositories for JNDIExploit-1
Users that are interested in JNDIExploit-1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆775Jan 26, 2022Updated 4 years ago
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,508May 18, 2026Updated last week
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,473Apr 25, 2024Updated 2 years ago
- 冰蝎Java WebShell自动化免杀生成☆781Mar 15, 2022Updated 4 years ago
- 通达OA综合利用工具☆518Mar 17, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)☆1,788Nov 1, 2023Updated 2 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆377Oct 22, 2021Updated 4 years ago
- ByPassBehinder / 冰蝎WebShell免杀生成 / Code By:Tas9er☆837May 28, 2022Updated 3 years ago
- HeapDump敏感信息提取工具☆1,657Dec 15, 2025Updated 5 months ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,018May 21, 2024Updated 2 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,397Dec 16, 2022Updated 3 years ago
- 帆软bi反序列化漏洞利用工具☆192Mar 23, 2024Updated 2 years ago
- Weblogic漏洞利用图形化工具 支持注入内存马、一键上传webshell、命令执行☆781Apr 20, 2022Updated 4 years ago
- 用友漏洞综合利用工具☆267Nov 9, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- 数据库综合利用工具☆543Feb 16, 2022Updated 4 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆254Jul 12, 2023Updated 2 years ago
- 用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件☆212Apr 18, 2023Updated 3 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,055Oct 7, 2022Updated 3 years ago
- shiro综合利用工具☆652Apr 15, 2023Updated 3 years ago
- 一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接☆865Aug 30, 2023Updated 2 years ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,448May 21, 2024Updated 2 years ago
- Spring漏洞综合利用工具☆675Jul 5, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- MDUT - Multiple Database Utilization Tools☆2,213Sep 22, 2023Updated 2 years ago
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆560Feb 1, 2024Updated 2 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆783Feb 13, 2025Updated last year
- 项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。☆1,903Jan 15, 2024Updated 2 years ago
- shiro 反序列 命令执行辅助检测工具☆1,577May 21, 2024Updated 2 years ago
- 研究利用golang各种姿势bypassAV☆816Apr 11, 2022Updated 4 years ago
- 用友NC系列漏洞检测利用工具,支持一键检测、命令执行回显、文件落地、一键打入内存马、文件读取等☆590Aug 19, 2023Updated 2 years ago
- Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用☆851Jul 7, 2023Updated 2 years ago
- 给woodpecker框架量身定制的ysoserial☆620Oct 26, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- 一款集成了H3C,致远,泛微,万户,帆软,海康威视,金蝶云星空,畅捷通,Struts等多个RCE漏洞利用工具☆238Jul 28, 2024Updated last year
- OAExploit一款基于产品的一键扫描工具。☆1,485Sep 20, 2022Updated 3 years ago
- fastjson利用,支持tomcat、spring回显,哥斯拉内存马;回显利用链为dhcp、ibatis、c3p0。☆327Mar 15, 2022Updated 4 years ago
- 一款java漏洞集合工具☆1,123Jan 13, 2026Updated 4 months ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,219Jul 25, 2023Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆424Jan 25, 2025Updated last year
- Fastjson姿势技巧集合☆1,846Oct 20, 2023Updated 2 years ago