Whoopsunix / PPPYSOLinks
proof-of-concept for generating Java deserialization payload | Proxy MemShell
☆193Updated 11 months ago
Alternatives and similar repositories for PPPYSO
Users that are interested in PPPYSO are comparing it to the libraries listed below
Sorting:
- Java Js Engine Payloads All in one☆271Updated last year
- 用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入☆280Updated last year
- Some ReadObject Sink With JDBC☆216Updated last year
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆94Updated 6 months ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆168Updated last year
- 无需文件落地Agent内存马生成器☆237Updated last year
- 通过jsp脚本扫描并查杀Tomcat内存马,当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。☆59Updated 2 years ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)☆291Updated last year
- Godzilla插件|内存马|Suo5内存代理|jmg for Godzilla☆223Updated 11 months ago
- fastjson 80 远程代码执行漏洞复现☆194Updated 2 years ago
- A memory shell for ruoyi☆247Updated 2 years ago
- Java表达式语句生成器☆190Updated last year
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆124Updated last year
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆284Updated 5 months ago
- 不那么一样的 Java Agent 内存马☆263Updated last year
- 使用 Godzilla 一键注入 Suo5 内存马☆392Updated last year
- ☆215Updated 8 months ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆254Updated last year
- 记录一些代码审计过的源码☆146Updated 3 months ago
- A Java Route Collection Tool☆97Updated 10 months ago
- java-web 自动化鉴权绕过☆300Updated 2 months ago
- 内存马查杀工具,尤其针对Agent型,原理是dump出JVM当前的class并进行字节码分析,并加入自动修复的功能☆154Updated 2 years ago
- 自己积累的一些Java反序列化利用链☆89Updated 2 years ago
- evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.☆91Updated 2 years ago
- 一款支持自定义的 Java 回显载荷生成工具 |A customizable Java echo payload generation tool.☆428Updated 4 months ago
- 一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。☆224Updated 10 months ago
- 内网集权系统渗透测试笔记☆11Updated 7 months ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案☆276Updated 2 years ago
- GodInfo 是一个功能全面的后渗透信息和凭据收集工具,旨在帮助安全测试人员在获得授权访问权限后,快速收集目标系统的信息和凭据。☆209Updated last month
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆279Updated last year