OneSourceCat/BcelPayloadGenerator external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

OneSourceCat/BcelPayloadGenerator

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OneSourceCat/BcelPayloadGenerator)

Close

OneSourceCat / BcelPayloadGeneratorView on GitHubMore

• External links
• Readme badge

A fastjson payload generator

☆59Oct 13, 2020Updated 5 years ago

Alternatives and similar repositories for BcelPayloadGenerator

Users that are interested in BcelPayloadGenerator are comparing it to the libraries listed below

• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• threedr3am / tomcat-cluster-session-sync-exp

  View on GitHub
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212May 19, 2020Updated 5 years ago
• jas502n / Shiro_Xray

  View on GitHub
  CommonsBeanutils1,CommonsCollectionsK1
  ☆58Nov 16, 2020Updated 5 years ago
• zcgonvh / POPFuckProxy

  View on GitHub
  POP3 MITM example
  ☆27Dec 12, 2019Updated 6 years ago
• HonKer-Dynamo / Teemo

  View on GitHub
  ☆18Sep 6, 2018Updated 7 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• mabangde / ADSec-and-RedTeam

  View on GitHub
  record some AD security and Red Team contents
  ☆14Dec 10, 2019Updated 6 years ago
• ttttmr / php-fpm

  View on GitHub
  用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell
  ☆41May 6, 2021Updated 4 years ago
• skmt / icmpsh

  View on GitHub
  shell over ICMP
  ☆19Dec 8, 2012Updated 13 years ago
• RicterZ / PySharpSphere

  View on GitHub
  Yet another SharpSphere
  ☆227Aug 1, 2021Updated 4 years ago
• l3m0n / whatweb

  View on GitHub
  更快速的进行Web应用指纹识别
  ☆170May 9, 2019Updated 6 years ago
• mpgn / CVE-2019-0192

  View on GitHub
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Mar 10, 2019Updated 6 years ago
• 360-Linton-Lab / Telemetry

  View on GitHub
  WINDOWS TELEMETRY权限维持
  ☆257Jul 2, 2020Updated 5 years ago
• Airboi / CVE-2020-17144-EXP

  View on GitHub
  Exchange2010 authorized RCE
  ☆157Dec 24, 2020Updated 5 years ago
• uknowsec / BurpSuite-Extender-fastjson

  View on GitHub
  Reference：https://www.w2n1ck.com/article/44/
  ☆155Mar 7, 2020Updated 5 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,016Oct 15, 2020Updated 5 years ago
• longofo / rmi-jndi-ldap-jrmp-jmx-jms

  View on GitHub
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆310Jun 17, 2022Updated 3 years ago
• jas502n / unauthorized-tools

  View on GitHub
  未授权批量检测脚本
  ☆14Oct 9, 2019Updated 6 years ago
• feihong-cs / JspMaster-Deprecated

  View on GitHub
  一款基于webshell命令执行功能实现的GUI webshell管理工具，支持流量加密
  ☆218Jun 4, 2021Updated 4 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• Afant1 / RemoteObjectInvocationHandler

  View on GitHub
  bypass JEP290 RaspHook code
  ☆63Sep 21, 2020Updated 5 years ago
• b0bac / GetMail

  View on GitHub
  利用NTLM Hash读取Exchange邮件
  ☆441Jan 7, 2025Updated last year
• lsh4ck / Langzi_SRC_Safe_Cruise

  View on GitHub
  LANGZI_SRC_安全巡航 是一款集成漏扫，验证，资产监控，自动复现并且生成结果表报的工具，实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。
  ☆14Jul 7, 2019Updated 6 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE

  View on GitHub
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆67Nov 20, 2019Updated 6 years ago
• FunnyWolf / ghostmirror

  View on GitHub
  通过webshell实现的内网穿透工具
  ☆49Nov 19, 2019Updated 6 years ago
• jas502n / CVE-2019-6340

  View on GitHub
  Drupal8's REST RCE, SA-CORE-2019-003, CVE-2019-6340
  ☆71Jun 10, 2020Updated 5 years ago
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• LeadroyaL / java_xxe_2019

  View on GitHub
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆58Oct 31, 2019Updated 6 years ago
• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆579Jan 28, 2020Updated 6 years ago
• SeriousAlpha / py-security-audit-tool

  View on GitHub
  python security audit tool，用于python源码的代码审计，支持命令注入，sql注入
  ☆63Jun 4, 2015Updated 10 years ago
• LeadroyaL / fastjson-blacklist

  View on GitHub
  ☆835Jun 7, 2022Updated 3 years ago
• LandGrey / ClassHound

  View on GitHub
  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
  ☆711May 10, 2021Updated 4 years ago
• chroblert / domainWeakPasswdCheck

  View on GitHub
  内网安全·域账号弱口令审计
  ☆163Dec 27, 2019Updated 6 years ago
• dpu / coremail-address-book

  View on GitHub
  📧Coremail邮件系统组织通讯录导出脚本
  ☆158Sep 28, 2021Updated 4 years ago
• sari3l / AggressorScripts

  View on GitHub
  cobalt strike 自用脚本
  ☆29Oct 29, 2020Updated 5 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• Vancir / s2-052-reproducing

  View on GitHub
  ☆20May 20, 2019Updated 6 years ago
• chennqqi / godnslog

  View on GitHub
  An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
  ☆469Sep 16, 2023Updated 2 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆484Dec 9, 2020Updated 5 years ago