TheKingOfDuck / SBCVE
不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。
☆120Updated last year
Alternatives and similar repositories for SBCVE:
Users that are interested in SBCVE are comparing it to the libraries listed below
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆274Updated 2 years ago
- 一个可以伪装上线Cobaltstrike的脚本☆132Updated 2 years ago
- 2023白帽补天大会部分代码☆122Updated last year
- Compatible with xray and nuclei poc framework☆192Updated 2 years ago
- proof-of-concept for generating Java deserialization payload | Proxy MemShell☆185Updated 9 months ago
- 禅道相关poc☆162Updated 8 months ago
- CVE-2021-41773 CVE-2021-42013漏洞批量检测工具☆147Updated 3 years ago
- 一款针对于IDE的反制蜜罐 IDE-honeypot☆104Updated 2 years ago
- fastjson 80 远程代码执行漏洞复现☆191Updated 2 years ago
- 使用WindowsAPI写的一些渗透小工具☆98Updated 3 years ago
- Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践☆219Updated last year
- ☆107Updated 3 years ago
- 将令你眼前一亮的XSS利用工具!☆108Updated 3 years ago
- fastjson不出网利用、c3p0☆251Updated 3 years ago
- Java Js Engine Payloads All in one☆270Updated last year
- ☆208Updated 6 months ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)☆289Updated last year
- Web Cache Poisoning Vulnerability Scanner☆35Updated last month
- 泛微OA_V9全版本的SQL远程代码执行漏洞☆157Updated 2 years ago
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆267Updated 2 months ago
- JDBC Attack Tricks☆142Updated last year
- 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新☆37Updated 2 years ago
- 一个以fuzz为中心思想的被动扫描工具☆156Updated last year
- 免杀死亡笔记☆116Updated 2 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆266Updated 3 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆286Updated last year
- 自己积累的一些Java反序列化利用链☆87Updated 2 years ago
- A Go library for generating Java deserialization payloads.☆155Updated 6 months ago
- 字典生成工具☆85Updated last year
- 备份下比赛附件☆22Updated 2 years ago