TheKingOfDuck / RCEFuzzer

一个以fuzz为中心思想的被动扫描工具

☆156

Alternatives and similar repositories for RCEFuzzer:

Users that are interested in RCEFuzzer are comparing it to the libraries listed below

SuperZero / CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
☆103Updated last year
Lonely-night / fastjsonVul
fastjson 80 远程代码执行漏洞复现
☆191Updated 2 years ago
wealeson1 / wcpvs
Web Cache Poisoning Vulnerability Scanner
☆36Updated 2 months ago
YYHYlh / Dubbo-Scan
一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
☆165Updated last year
R17a-17 / JavaVulnSummary
Java漏洞分析汇合
☆142Updated 3 years ago
YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
☆219Updated last year
ax1sX / RouteCheck-Alpha
A Java Route Collection Tool
☆91Updated 7 months ago
Hutt0n0 / ActiveMqRCE
用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用内存马注入
☆266Updated last year
whwlsfb / SpringSpider
Spring Actuator端点的BurpSuite被动扫描插件。
☆197Updated 2 years ago
Whoopsunix / fastjson_study
Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul
☆89Updated last year
hanc00l / pocGoby2Xray
将Goby的json格式Poc转为xray的yaml格式Poc
☆131Updated 2 years ago
A0WaQ4 / HexDnsEchoT
命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）
☆289Updated last year
shanshanerxi / Memory-horse
关于内存马的学习研究支持新手从0到1，从内存马原理，内存马植入内存马检测到内存马防御与内存马应急以及内存马查杀全系列java内存马/php/.net/c++/python 喜欢可以点个star 后续持续更新
☆103Updated 10 months ago
darkarmorlab / video-api-check
check hikvision/ys7 api
☆68Updated last year
ffffffff0x / 403-fuzz
针对 403 页面的 fuzz 脚本
☆124Updated 3 years ago
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆155Updated 6 months ago
ruyueattention / java-memshell-scanner
通过jsp脚本扫描并查杀Tomcat内存马，当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。
☆51Updated 2 years ago
sincere9 / Apache-ActiveMQ-RCE
Apache ActiveMQ远程代码执行(RCE)利用工具
☆97Updated last year
winezer0 / springboot_scan
支持自动化的切换请求方式、自动化的请求重试、以完整的扫描Springboot路径
☆3Updated 2 years ago
1ucky7 / jmg-for-Godzilla
Godzilla插件|内存马|Suo5内存代理｜jmg for Godzilla
☆215Updated 9 months ago
lijiejie / MisConfig_HTTP_Proxy_Scanner
The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers
☆172Updated last year
sv3nbeast / DnslogCmdEcho
命令执行不回显但DNS协议出网的命令回显场景解决方案
☆274Updated 2 years ago
yaklang / syntaxflow
Lessons for syntaxflow zero to hero
☆48Updated 6 months ago
yuyan-sec / druid_sessions
获取 alibaba druid 一些 sessions , sql , urls
☆262Updated 2 years ago
kezibei / fastjson_payload
☆208Updated 6 months ago
b1ackc4t / Assassin
Assassin是一款精简的基于命令行的webshell管理工具，它有着多种payload发送方式和编码方式，以及精简的payload代码，使得它成为隐蔽的暗杀者，难以被很好的防御。
☆116Updated 2 years ago
depycode / fastjson-c3p0
fastjson不出网利用、c3p0
☆251Updated 3 years ago
ce-automne / FastjsonPatrol
一款探测fastjson漏洞的BurpSuite插件
☆61Updated 2 years ago
l3yx / jdwp-codeifier
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
☆268Updated 3 months ago
FFreestanding / JavaUnserializeChain
自己积累的一些Java反序列化利用链
☆87Updated 2 years ago