altEr1125/ShiroAttack2 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

altEr1125/ShiroAttack2

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/altEr1125/ShiroAttack2)

Close

altEr1125 / ShiroAttack2View on GitHubMore

• External links
• Readme badge

一款针对Shiro550漏洞进行快速漏洞利用工具。 对 @SummerSec 大佬的项目https://github.com/SummerSec/ShiroAttack2 进行了一些改进。

☆250May 29, 2023Updated 2 years ago

Alternatives and similar repositories for ShiroAttack2

Users that are interested in ShiroAttack2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• wgpsec / YongYouNcTool

  View on GitHub
  用友NC系列漏洞检测利用工具，支持一键检测、命令执行回显、文件落地、一键打入内存马、文件读取等
  ☆586Aug 19, 2023Updated 2 years ago
• savior-only / Spring_All_Reachable

  View on GitHub
  Spring漏洞综合利用工具
  ☆675Jul 5, 2023Updated 2 years ago
• KimJun1010 / WeblogicTool

  View on GitHub
  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
  ☆1,786Nov 1, 2023Updated 2 years ago
• Chave0v0 / YONYOU-TOOL

  View on GitHub
  用友漏洞综合利用工具
  ☆265Nov 9, 2024Updated last year
• novysodope / fupo_for_yonyou

  View on GitHub
  用友漏洞检测，持续更新漏洞检测模块
  ☆479Jul 21, 2025Updated 8 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• TonyNPham / GodzillaPlugin-Suo5-MemProxy

  View on GitHub
  一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
  ☆288Aug 8, 2023Updated 2 years ago
• zhaoyumi / WeaverExploit_All

  View on GitHub
  泛微最近的漏洞利用工具（PS：2023）
  ☆481Dec 14, 2023Updated 2 years ago
• libaibaia / cloudSec

  View on GitHub
  云安全利用工具-云平台AK/SK-WEB利用工具，添加AK/SK自动检测资源，无需手动执行，支持云服务器、存储桶、数据库操作
  ☆589Dec 19, 2024Updated last year
• LittleBear4 / OA-EXPTOOL

  View on GitHub
  OA综合利用工具，集合将近20款OA漏洞批量扫描
  ☆1,341Oct 28, 2023Updated 2 years ago
• Hel10-Web / Databasetools

  View on GitHub
  一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
  ☆863Aug 30, 2023Updated 2 years ago
• sma11new / Pyke-Shiro

  View on GitHub
  复杂请求下的Shiro反序列化利用工具
  ☆422Mar 12, 2024Updated 2 years ago
• c0olw / NacosRce

  View on GitHub
  Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用
  ☆850Jul 7, 2023Updated 2 years ago
• Avienma / DumpHash

  View on GitHub
  一款dump hash工具配合后渗透的利用
  ☆276Apr 21, 2023Updated 2 years ago
• White-hua / Apt_t00ls

  View on GitHub
  高危漏洞利用工具
  ☆1,835Feb 12, 2025Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,473Apr 25, 2024Updated last year
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆557Feb 1, 2024Updated 2 years ago
• LTianHang / ShiroUploadTools

  View on GitHub
  Shiro文件上传工具
  ☆102Jun 28, 2023Updated 2 years ago
• Ni4n / ShellGenerate

  View on GitHub
  哥斯拉jsp/jspx免杀webshell生成器
  ☆209Apr 28, 2023Updated 2 years ago
• wafinfo / NCTOOls

  View on GitHub
  一款针对用友NC综合漏洞利用工具
  ☆241Nov 27, 2023Updated 2 years ago
• pykiller / API-T00L

  View on GitHub
  互联网厂商API利用工具。
  ☆568Sep 13, 2024Updated last year
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp

  View on GitHub
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆230Aug 8, 2023Updated 2 years ago
• Lotus6 / JavaGadgetGenerator

  View on GitHub
  JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
  ☆562Apr 3, 2026Updated 2 weeks ago
• abc123info / Struts2VulsScanTools

  View on GitHub
  1、点击“检测漏洞”，会自动检测该URL是否存在S2-001、S2-005、S2-009、S2-013、S2-016、S2-019、S2-020/021、S2-032、S2-037、DevMode、S2-045/046、S2-052、S2-048、S2-053、S2-057…
  ☆956Nov 3, 2025Updated 5 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• cseroad / Exp-Tools

  View on GitHub
  一款集成高危漏洞exp的实用性工具
  ☆1,304Nov 6, 2024Updated last year
• Hutt0n0 / ActiveMqRCE

  View on GitHub
  用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
  ☆289Nov 20, 2023Updated 2 years ago
• 1ucky7 / jmg-for-Godzilla

  View on GitHub
  Godzilla插件|内存马|Suo5内存代理｜jmg for Godzilla
  ☆244Jun 6, 2024Updated last year
• Mayter / mssql-command-tool

  View on GitHub
  xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作，上传，job等相应操作。
  ☆197Nov 25, 2023Updated 2 years ago
• novysodope / ST2Scanner

  View on GitHub
  Struts2漏洞扫描 Burp插件
  ☆131Mar 21, 2023Updated 3 years ago
• hkxueqi / YonyouNc-UNSERIALIZE-scan

  View on GitHub
  Yonyou-UNSERIALIZE,用友NC 反序列化检查工具,批量检测用友NC 反序列化
  ☆50Jul 21, 2023Updated 2 years ago
• SummerSec / ShiroAttack2

  View on GitHub
  shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
  ☆2,452Updated this week
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆507May 20, 2022Updated 3 years ago
• R4gd0ll / I-Wanna-Get-All

  View on GitHub
  综合漏洞后渗透利用工具
  ☆1,709Dec 11, 2025Updated 4 months ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• F6JO / RouteVulScan

  View on GitHub
  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
  ☆1,316Jun 29, 2024Updated last year
• DeEpinGh0st / MDUT-Extend-Release

  View on GitHub
  MDUT-Extend(扩展版本)
  ☆916Mar 27, 2026Updated 3 weeks ago
• Schira4396 / HrmsTamper

  View on GitHub
  适用于某EHR&HRM的加解密工具，可直接用于sqlmap
  ☆25Jan 14, 2024Updated 2 years ago
• bmth666 / Yongyou-Unserialize-plus

  View on GitHub
  用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc
  ☆126Oct 12, 2024Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,179Aug 21, 2025Updated 7 months ago
• Bl0omZ / JNDIEXP

  View on GitHub
  JNDI在java高版本的利用工具,FUZZ利用链
  ☆601Oct 8, 2022Updated 3 years ago
• zangcc / CVE-2022-22965-rexbb

  View on GitHub
  CVE-2022-22965\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具，基于JavaFx开发，图形化操作更简单，提高效率。
  ☆102Nov 14, 2023Updated 2 years ago