blindpirate / spring-rce-2022-03-hotfix

Related projects: ⓘ

• cckuailong / spring-cloud-function-SpEL-RCE
  spring-cloud-function SpEL RCE, Vultarget & Poc
  ☆133Updated 2 years ago
• cn-panda / logbackRceDemo
  The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…
  ☆84Updated 2 years ago
• chaitin / log4j2-vaccine
  log4j2-vaccine
  ☆85Updated 2 years ago
• httptoolkit / jvm-http-proxy-agent
  A JVM agent that automatically forces a proxy for HTTP(S) connections and trusts MitM certificates, for all major JVM HTTP clients
  ☆69Updated 3 months ago
• ax1sX / SpringSecurity
  A list for Spring Security
  ☆117Updated 8 months ago
• Mr-xn / spring-core-rce
  CVE-2022-22965 : about spring core rce
  ☆51Updated 2 years ago
• Rvn0xsy / DumperAnalyze
  通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
  ☆96Updated 3 months ago
• momosecurity / mosec-maven-plugin
  用于检测maven项目的第三方依赖组件是否存在安全漏洞。
  ☆99Updated 2 years ago
• luelueking / ClazzSearcher
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆103Updated last year
• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆121Updated 2 years ago
• XuCcc / VulEnv
  Debug CVEs!
  ☆31Updated last year
• luelueking / Bypass_JVM_Verifier
  Bypass JVM Class ByteCode Verifier , 对抗反编译器
  ☆106Updated 11 months ago
• TonyD0g / JSPHunter
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆43Updated 4 months ago
• jrialland / ajp-client
  Java implementation of an AJP13 protocol client (aka Apache JServ), allowing to send requests to a servlet container using this protocol.
  ☆30Updated 5 months ago
• threedr3am / log-agent
  利用agent hock指定的class，在jar运行周期内，用于跟踪被执行的方法，辅助做一些事情，比如挖洞啊
  ☆126Updated 4 years ago
• EmYiQing / LDAPKit
  ☆123Updated this week
• longofo / rmi-jndi-ldap-jrmp-jmx-jms
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆306Updated 2 years ago
• Y4Sec-Team / CVE-2023-21939
  JDK CVE-2023-21939
  ☆97Updated last year
• haby0 / sec-note
  记录各语言、框架中危险的sink，个人代码审计、漏洞研究使用。
  ☆114Updated 2 years ago
• threedr3am / dubbo-exp
  dubbo快速利用exp，基本上老版本覆盖100%。
  ☆103Updated 8 months ago
• BeichenDream / InjectJDBC
  注入JVM进程 动态获取目标进程连接的数据库
  ☆306Updated 2 years ago
• jweny / shiro-cve-2020-17523
  shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
  ☆112Updated 3 years ago
• leonlee / jrdwp
  Java Remote Debug through Websocket Proxy.
  ☆61Updated 7 years ago
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆77Updated 2 years ago
• wh1t3p1g / tabby-path-finder
  A neo4j procedure for tabby
  ☆111Updated 3 months ago
• XuefengWu / dependence_java
  analysis java dependence and store in neo4j
  ☆18Updated 5 years ago
• 0linlin0 / CyberBox
  Java Exp FrameWork
  ☆105Updated 3 years ago
• Marcono1234 / codeql-jdk-docker
  Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK
  ☆47Updated 8 months ago
• baidu-security / openrasp-v8
  Google V8 with OpenRASP builtins
  ☆55Updated 3 years ago
• udoless / apache-log4j-rce-poc
  ☆2Updated 2 years ago