Y4er / yaml-payload
Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg
☆128Updated 3 years ago
Related projects: ⓘ
- ☆152Updated this week
- ☆124Updated this week
- ☆137Updated this week
- ☆193Updated this week
- WIP: Demo for Attacking Apereo CAS☆83Updated 4 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆199Updated 3 years ago
- 中国蚁剑JSP一句话Payload☆117Updated 3 years ago
- GUI Exploit Tool For RedTeam☆7Updated 3 years ago
- 通过jsp注入valve内存马,可以忽略框架影响,通用tomcat789☆90Updated 2 years ago
- Shiro-721 Padding Oracle Attack☆68Updated 3 years ago
- Apache Shiro 反序列化漏洞检测与利用工具,一键注入内存马☆138Updated 3 years ago
- 用于WebLogic poc及exp测试的基础脚本,后续将集成各版本poc库☆94Updated 3 years ago
- ☆80Updated 2 years ago
- 利用字符集编码绕过waf的burpsuite插件☆116Updated 3 years ago
- ☆81Updated 3 years ago
- 🐸fingerprint detect framework 批量深度指纹识别框架☆119Updated last year
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆233Updated 3 years ago
- 可在Windows下执行系统命令的Redis模块,可用于Redis主从复制攻击。☆255Updated last year
- Source code of Behinder, a shell manager.冰蝎源码,反编译,当前版本3.0 Beta6,支持内存马注入☆89Updated 3 years ago
- 阿里云AccessKey泄漏利用工具☆142Updated 3 years ago
- woodpecker框架weblogic信息探测插件☆179Updated 2 years ago
- 通达OA一些 漏洞点☆158Updated 4 years ago
- 利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。☆123Updated 4 years ago
- ☆280Updated 2 years ago
- fastjson 1.2.68 版本 autotype bypass☆140Updated 2 years ago
- cve-2020-1472 复现利用及其exp☆105Updated 4 years ago
- ☆78Updated this week
- SMTP Netcat , test SMTP protocol☆105Updated 2 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。☆108Updated 5 years ago
- ☆50Updated this week