A fastjson payload generator
☆59Oct 13, 2020Updated 5 years ago
Alternatives and similar repositories for BcelPayloadGenerator
Users that are interested in BcelPayloadGenerator are comparing it to the libraries listed below
Sorting:
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- CommonsBeanutils1,CommonsCollectionsK1☆58Nov 16, 2020Updated 5 years ago
- POP3 MITM example☆27Dec 12, 2019Updated 6 years ago
- ☆18Sep 6, 2018Updated 7 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- record some AD security and Red Team contents☆14Dec 10, 2019Updated 6 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 4 years ago
- shell over ICMP☆19Dec 8, 2012Updated 13 years ago
- Yet another SharpSphere☆227Aug 1, 2021Updated 4 years ago
- 更 快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- WINDOWS TELEMETRY权限维持☆257Jul 2, 2020Updated 5 years ago
- Exchange2010 authorized RCE☆157Dec 24, 2020Updated 5 years ago
- Reference:https://www.w2n1ck.com/article/44/☆155Mar 7, 2020Updated 5 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆310Jun 17, 2022Updated 3 years ago
- 未授权批量检测脚本☆14Oct 9, 2019Updated 6 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- 利用NTLM Hash读取Exchange邮件☆441Jan 7, 2025Updated last year
- LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- 通过webshell实现的内网穿透工具☆49Nov 19, 2019Updated 6 years ago
- Drupal8's REST RCE, SA-CORE-2019-003, CVE-2019-6340☆71Jun 10, 2020Updated 5 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- python security audit tool,用于python源码的代码审计,支持命令注入,sql注入☆63Jun 4, 2015Updated 10 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆711May 10, 2021Updated 4 years ago
- 内网安全·域账号弱口令审计☆163Dec 27, 2019Updated 6 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- cobalt strike 自用脚本☆29Oct 29, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- ☆20May 20, 2019Updated 6 years ago
- An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability☆469Sep 16, 2023Updated 2 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago