airman604 / jdbc-backdoorView external linksLinks
A fake JDBC driver that allows OS command execution.
☆125Oct 2, 2022Updated 3 years ago
Alternatives and similar repositories for jdbc-backdoor
Users that are interested in jdbc-backdoor are comparing it to the libraries listed below
Sorting:
- ☆153Jun 24, 2019Updated 6 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆386Apr 16, 2022Updated 3 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- FileReader Exploit☆256Mar 20, 2019Updated 6 years ago
- Learn how to get a reverse shell from JIRA application server☆24Dec 2, 2018Updated 7 years ago
- A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.☆216Mar 31, 2019Updated 6 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆821Sep 4, 2019Updated 6 years ago
- ☆146Jun 20, 2018Updated 7 years ago
- backdoor☆262Jul 26, 2025Updated 6 months ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- A backdoor module for Apache2☆200Jan 17, 2020Updated 6 years ago
- ☆85Dec 6, 2019Updated 6 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- CVE-2018-3245-PoC☆172Jul 13, 2021Updated 4 years ago
- Java After-Deserialization Attack☆79Apr 26, 2021Updated 4 years ago
- AggressorScript-UploadAndRunFrp/上传frpc并且运行frpc☆63Sep 1, 2019Updated 6 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.☆104Feb 28, 2018Updated 7 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- flash 劫持轮子,CSRF,劫持,跳转,swf 有需求可以提issues ,src挖掘,劫持response☆86Nov 9, 2019Updated 6 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- ☆54Aug 13, 2018Updated 7 years ago
- CVE-2019-1040 with Exchange☆253Jun 18, 2021Updated 4 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- This is a patched version of ExchangeRelayX☆14Aug 13, 2020Updated 5 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆103Mar 10, 2020Updated 5 years ago
- 便捷地使用PostgreSQL自定义函数来执行系统命令,适用于数据库管理员知道postgres密码却不知道ssh或RDP密码的时候在服务器执行系统命令。☆55Mar 10, 2020Updated 5 years ago
- a webshell resides in the memory of java web server☆699Jun 26, 2018Updated 7 years ago
- Test CVE-2018-0296 and extract usernames☆106Dec 9, 2018Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆297Jun 10, 2019Updated 6 years ago
- Use to check the valid account of the Remote Desktop Protocol(Support plaintext and ntlmhash)☆165May 14, 2020Updated 5 years ago
- ☆208May 1, 2020Updated 5 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- ☆164May 18, 2018Updated 7 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Set Up WebDAV Server for Remote File Sharing and more☆35Aug 22, 2019Updated 6 years ago