blindpirate / spring-rce-2022-03

Related projects ⓘ

Alternatives and complementary repositories for spring-rce-2022-03

• cckuailong / spring-cloud-function-SpEL-RCE
  spring-cloud-function SpEL RCE, Vultarget & Poc
  ☆133Updated 2 years ago
• httptoolkit / jvm-http-proxy-agent
  A JVM agent that automatically forces a proxy for HTTP(S) connections and trusts MitM certificates, for all major JVM HTTP clients
  ☆71Updated 2 weeks ago
• chaitin / log4j2-vaccine
  log4j2-vaccine
  ☆85Updated 2 years ago
• luelueking / Bypass_JVM_Verifier
  Bypass JVM Class ByteCode Verifier , 对抗反编译器
  ☆108Updated last year
• threedr3am / log-agent
  利用agent hock指定的class，在jar运行周期内，用于跟踪被执行的方法，辅助做一些事情，比如挖洞啊
  ☆126Updated 4 years ago
• cn-panda / logbackRceDemo
  The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…
  ☆83Updated 2 years ago
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆76Updated 2 years ago
• luelueking / ClazzSearcher
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆104Updated last year
• Rvn0xsy / DumperAnalyze
  通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
  ☆95Updated 4 months ago
• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆122Updated 2 years ago
• Marcono1234 / codeql-jdk-docker
  Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK
  ☆47Updated 10 months ago
• XuCcc / VulEnv
  Debug CVEs!
  ☆31Updated last year
• flowerwind / AutoGenerateXalanPayload
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆87Updated last year
• haby0 / sec-note
  记录各语言、框架中危险的sink，个人代码审计、漏洞研究使用。
  ☆114Updated 2 years ago
• TonyD0g / JSPHunter
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆44Updated 3 weeks ago
• 5z1punch / AutoTypeDiscovery
  fastjson auto type derivation search
  ☆21Updated 3 years ago
• 0linlin0 / CyberBox
  Java Exp FrameWork
  ☆104Updated 3 years ago
• keven1z / simpleIAST
  simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。
  ☆12Updated this week
• dbgee / fastjson-rce
  fastjson rce env based on springboot
  ☆38Updated 2 years ago
• SummerSec / SPATool
  静态程序分析工具 主要生成方法的CFG和.java文件的AST
  ☆126Updated last year
• momosecurity / mosec-maven-plugin
  用于检测maven项目的第三方依赖组件是否存在安全漏洞。
  ☆100Updated 2 years ago
• jweny / shiro-cve-2020-17523
  shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
  ☆113Updated 3 years ago
• ax1sX / SpringSecurity
  A list for Spring Security
  ☆118Updated 9 months ago
• threedr3am / dubbo-exp
  dubbo快速利用exp，基本上老版本覆盖100%。
  ☆102Updated 10 months ago
• phith0n / tls_proxy
  A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
  ☆65Updated 2 months ago
• Marcono1234 / serial-builder
  Library for manually creating Java serialization data.
  ☆28Updated last year
• wh1t3p1g / tabby-path-finder
  A neo4j procedure for tabby
  ☆115Updated 5 months ago