TonyD0g / JSPHunter

基于污点分析和模拟栈帧技术的JSP Webshell检测

☆45

Alternatives and similar repositories for JSPHunter:

Users that are interested in JSPHunter are comparing it to the libraries listed below

P4r4d1se / heapdump_shiro_vuln
A heapdump leaks Shiro key causing RCE vulnerability environment.
☆54Updated 11 months ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆61Updated 2 years ago
ax1sX / SpringSecurity
A list for Spring Security
☆122Updated last year
yuligesec / watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
☆31Updated 6 months ago
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆155Updated 7 months ago
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆67Updated 2 years ago
AfterSnows / ApricusFindEvil
检测查杀java内存马
☆78Updated last year
kyo-w / Spel-research
Spel-research
☆26Updated 2 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆35Updated 3 years ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆50Updated last year
hosch3n / FastjsonVulns
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆90Updated 2 years ago
HackJava / JNDI
《JNDI-深入理解Java万恶之源》
☆37Updated last year
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆49Updated 3 years ago
0xrumble / BytecodeScreen
☆50Updated 2 years ago
ssrsec / SpringBootEnvDecrypt
SpringBoot获取被星号脱敏的密码的明文
☆58Updated 3 years ago
turn1tup / JvmRaspBypass
☆14Updated 2 years ago
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆77Updated 2 years ago
xiaopan233 / Java_agent_without_file
Java agent without file 无文件的Java agent
☆78Updated 3 years ago
0linlin0 / Java
java
☆54Updated 2 years ago
ax1sX / MemShell
MemShell List
☆80Updated last year
sf197 / MemoryShellHunter
Java Agent memory horse scanner combined with Call Graph modus
☆62Updated 2 years ago
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆64Updated 6 months ago
Rvn0xsy / DumperAnalyze
通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
☆101Updated 10 months ago
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆50Updated last year
Le1a / CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
☆80Updated last year
flowerwind / AutoGenerateXalanPayload
cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
☆90Updated 2 years ago
Getshell / Fanzhi
《FanZhi-攻击与反制的艺术》
☆64Updated last year
wh1t3p1g / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆34Updated 5 months ago
NorthShad0w / NetOuter
一键出网探测工具
☆73Updated 2 years ago
webraybtl / ysoserialbtl
基于ysoserial扩展命令执行结果回显，生成冰蝎内存马
☆87Updated last year