Whoopsunix / PPPVULNSView external linksLinks
Java CVE Vulnerability Environment
☆43Jun 11, 2024Updated last year
Alternatives and similar repositories for PPPVULNS
Users that are interested in PPPVULNS are comparing it to the libraries listed below
Sorting:
- Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul☆96Oct 30, 2023Updated 2 years ago
- Flash水坑修改版-添加操作系统判断,文件下载判断,exe base64编码进js内部无需302跳转伪造页面点击即可下载,js混淆☆14Nov 10, 2023Updated 2 years ago
- 整理容器逃逸相关的漏洞和exploits.☆15Apr 17, 2024Updated last year
- 修改Bug后的ParamSpider,方便各位师傅使用☆13Nov 13, 2024Updated last year
- Cobalt Strike二次开发笔记,记录功能和思路☆16Jul 9, 2022Updated 3 years ago
- ☆30Dec 6, 2024Updated last year
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆545Mar 6, 2025Updated 11 months ago
- JavaRce complements project - use RASP to prevent vulnerabilities☆24Apr 22, 2024Updated last year
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆106Nov 7, 2024Updated last year
- Java Decompile Tool GUI-JAVA反编译工具(界面版)☆127Apr 14, 2021Updated 4 years ago
- java-swing-gui-stater | Java Swing GUI Maven 项目模板 | 简单的教程☆62Oct 30, 2024Updated last year
- 一个基于Codeql规则的go靶场☆41Feb 19, 2025Updated 11 months ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated 9 months ago
- 一个基于 Vineflower 引擎的多线程 Java 批量反编译工具,支持快速处理大量的 class 文件和 JAR 文件。☆58Apr 28, 2025Updated 9 months ago
- Java bytecode line number restoration tool☆134Aug 31, 2025Updated 5 months ago
- 若依4.8.0后台RCE☆26May 21, 2025Updated 8 months ago
- y4er的ysoserial修改版,加入mysql不出网pipe文件生成☆24Jan 30, 2026Updated 2 weeks ago
- nacos api bypass & jwt bypass & get all configs☆42Aug 9, 2023Updated 2 years ago
- ysoserial for 1nhann☆11Sep 26, 2022Updated 3 years ago
- 常用的frida脚本☆16Mar 7, 2023Updated 2 years ago
- Fastjson Poc for 1.2.33~1.2.36 with bcel☆11Oct 27, 2020Updated 5 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆460Jan 12, 2025Updated last year
- JAVA 安全靶场,IAST 测试用例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability R…☆270Sep 6, 2024Updated last year
- 命令执行写任意文件,主要用于命令执行但不出网情况☆30Sep 9, 2023Updated 2 years ago
- 基于Agent技术实现的Java内存马查杀、防护工具。☆94Jul 25, 2024Updated last year
- javaGGC for generate commons.collections gadget chain☆12Nov 10, 2021Updated 4 years ago
- A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…☆565Feb 4, 2026Updated last week
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,338Updated this week
- 利用代理驱动绕过JDBC Attack检测☆143Jun 15, 2025Updated 7 months ago
- burp手工检测fastjson辅助☆88Mar 4, 2024Updated last year
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆87Jul 21, 2022Updated 3 years ago
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆546Dec 7, 2025Updated 2 months ago
- 本项目是记录自己在Java代码审计过程中遇到的一些优秀文章内容,以及涉及到的Java项目源文件,汇总起来方便初学者下载分析。☆31Jun 14, 2022Updated 3 years ago
- fastjson全版本漏洞利用工具,只支持POST☆10Jan 5, 2021Updated 5 years ago
- 用于内网渗透测试的工具包括 crto 认证、AD 渗透以及内网信息收集项目的自存☆18May 31, 2024Updated last year
- 检测域内常见一把梭漏洞,包括:NoPac、ZeroLogon、CVE-2022-26923、PrintNightMare☆79Oct 23, 2023Updated 2 years ago
- 用Java agent实现内存马等功能☆197Jul 27, 2023Updated 2 years ago
- xxl-job内存马☆226Jan 26, 2025Updated last year