STMCyber / RmiTaste
RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets from ysoserial.
☆107Updated 4 years ago
Alternatives and similar repositories for RmiTaste:
Users that are interested in RmiTaste are comparing it to the libraries listed below
- A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.☆5Updated 2 years ago
- Exploitation toolkit for RichFaces☆103Updated last year
- Gopher Tomcat Deployer☆48Updated 6 years ago
- ☆116Updated 5 years ago
- Example Vulnerable .NET HTTP Remoting☆84Updated 6 years ago
- Some private tools i decided to release for public.☆49Updated last year
- Citrix ADC Vulns☆87Updated 4 years ago
- 用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞☆52Updated 4 years ago
- MOGWAI LABS JMX exploitation toolkit☆201Updated 2 years ago
- A malicious LDAP server for JNDI injection attacks☆74Updated 5 months ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆29Updated 3 years ago
- Template Injection in Email Templates leads to code execution on Jira Service Management Server☆47Updated 3 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆106Updated 5 years ago
- Here you can get full exploit for SAP NetWeaver AS JAVA☆76Updated 7 years ago
- Generating payloads to reverse shell in different contexts of java.☆48Updated 2 years ago
- PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)☆89Updated 4 years ago
- ☆65Updated 4 years ago
- PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)☆81Updated 4 years ago
- Exploitation code for CVE-2021-40539☆46Updated 3 years ago
- tetctf2020_amf_writeups☆23Updated 4 years ago
- Exploit for WebSocket Vulnerability in Apache Tomcat☆166Updated 4 years ago
- ☆27Updated 3 years ago
- Authenticated SSRF in Grafana☆81Updated 10 months ago
- Utility for creating ZipSlip archives☆72Updated 2 years ago
- CVE-2020-35728 & Jackson-databind RCE☆42Updated 4 years ago
- ☆63Updated 5 years ago
- com_media allowed paths that are not intended for image uploads to RCE☆71Updated 4 years ago
- None of the exploit code or research is my own but all available in public domain☆28Updated 5 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Updated 4 years ago
- PoC para las vulnerabilidades CVE-2020-14750 y cve-2020-14882☆48Updated 4 years ago