blindpirate / spring-rce-2022-03
☆15Updated 3 years ago
Alternatives and similar repositories for spring-rce-2022-03:
Users that are interested in spring-rce-2022-03 are comparing it to the libraries listed below
- spring-cloud-function SpEL RCE, Vultarget & Poc☆134Updated 3 years ago
- The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…☆87Updated 3 years ago
- log4j2-vaccine☆85Updated 3 years ago
- 通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩,可以做一些破解、加密验证的绕过等操作☆99Updated 9 months ago
- 本项目可以把一个或多个Jar包构建成数据库,用户连接数据库后通过SQL语句任意搜索需要的内容,例如类和方法信息,方法调用关系等☆77Updated last year
- Extract loaded classes from a running JVM application☆37Updated 2 years ago
- 一款使用Yaml定义搜索规则来搜索Class的工具☆104Updated last year
- 用Java agent实现内存马等功能☆191Updated last year
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 4 years ago
- Bypass JVM Class ByteCode Verifier , 对抗反编译器☆111Updated last year
- Using JavaParser (https://github.com/JavaParser/JavaParser), browse and navigate the Abstract Syntax Tree (AST) based on the code in your…☆51Updated 2 weeks ago
- A JVM agent that automatically forces a proxy for HTTP(S) connections and trusts MitM certificates, for all major JVM HTTP clients☆79Updated last week
- Low-level RASP: Protecting Applications Implemented in High-level Programming Languages☆59Updated last year
- fastjson rce env based on springboot☆39Updated 3 years ago
- 静态程序分析工具 主要生成方法的CFG和.java文件的AST☆128Updated last year
- Auto Code Audit Framework for Java☆96Updated 3 years ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆608Updated last month
- Java Remote Debug through Websocket Proxy.☆62Updated 8 years ago
- Among the existing Log4shell practice materials JNDIExploit v1.2☆37Updated 3 years ago
- DHook是一个支持动态debug,动态修改java程序的web应用.☆87Updated 3 months ago
- Java agent without file 无文件的Java agent☆78Updated 2 years ago
- Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK☆48Updated last year
- My CTF Challenges☆16Updated 4 months ago
- boy-hack☆64Updated 7 months ago
- notes☆27Updated 2 years ago
- Debug CVEs!☆33Updated last year
- 《深入理解IAST交互式应用安全测试》Interactive Application Security Testing.☆13Updated 2 years ago
- Pure Java WMI Client☆29Updated 8 years ago
- a dnslog platform with tornado, less code.☆23Updated 4 years ago
- 专注于JVM的运行时防御系统RASP☆281Updated 9 months ago