blindpirate / spring-rce-2022-03
☆15Updated 3 years ago
Alternatives and similar repositories for spring-rce-2022-03:
Users that are interested in spring-rce-2022-03 are comparing it to the libraries listed below
- spring-cloud-function SpEL RCE, Vultarget & Poc☆134Updated 3 years ago
- log4j2-vaccine☆85Updated 3 years ago
- The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…☆87Updated 3 years ago
- Google V8 with OpenRASP builtins☆57Updated 3 years ago
- 一款使用Yaml定义搜索规则来搜索Class的工具☆104Updated last year
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆478Updated 4 years ago
- 静态程序分析工具 主要生成方法的CFG和.java文件的AST☆128Updated last year
- 本项目可以把一个或多个Jar包构建成数据库,用户连接数据库后通过SQL语句任意搜索需要的内容,例如类和方法信息,方法调用关系等☆77Updated last year
- Bypass JVM Class ByteCode Verifier , 对抗反编译器☆112Updated last year
- 一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…☆123Updated 3 years ago
- SpringCore0day from https://share.vx-underground.org/ & some additional links☆394Updated 3 years ago
- ☆268Updated 3 years ago
- 用于检测maven项目的第三方依赖组件是否存在安全漏洞。☆103Updated 3 years ago
- A neo4j procedure for tabby☆121Updated 10 months ago
- 用Java agent实现内存马等功能☆191Updated last year
- 《深入理解IAST交互式应用安全测试》Interactive Application Security Testing.☆13Updated 2 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 4 years ago
- JavaWeb漏洞审计工具,构建方法调用链并模拟栈帧进行分析☆327Updated last year
- Extract loaded classes from a running JVM application☆37Updated 3 years ago
- 通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩,可以做一些破解、加密验证的绕过等操作☆101Updated 10 months ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆80Updated 3 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆309Updated 2 years ago
- 🍵 Gitea repository migration remote command execution exploit.☆85Updated 2 years ago
- 不 那么一样的 Java Agent 内存马☆262Updated last year
- 专注于JVM的运行时防御系统RASP☆281Updated 10 months ago
- A penetration toolkit for container environment☆77Updated 3 months ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Updated 3 years ago
- ☆148Updated 5 years ago
- JAVA 安全靶场,IAST 测试用例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability R…☆239Updated 7 months ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆610Updated 2 months ago