boundaryx / cloudrasp-log4j2
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
☆122Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for cloudrasp-log4j2
- RMI 反序列化环境 一步步☆211Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆179Updated 3 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆223Updated 2 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆264Updated 2 years ago
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆232Updated 3 years ago
- attackRmi☆250Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆101Updated 4 years ago
- ☆145Updated 3 years ago
- 一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)☆175Updated 2 years ago
- fastjson 1.2.68 版本 autotype bypass☆140Updated 2 years ago
- Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg☆130Updated 4 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 4 years ago
- struts2 漏洞环境源代码☆75Updated 2 years ago
- exploit for fastjson remote code execution vulnerability☆152Updated last year
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213Updated 4 years ago
- ☆181Updated last month
- 中国蚁剑JSP一句话Payload☆118Updated 4 years ago
- Tomcat 冰蝎内存马。☆213Updated 4 years ago
- Java Exp FrameWork☆104Updated 3 years ago
- 又一款敏感文件泄漏检测工具☆106Updated 5 years ago
- bypass JEP290 RaspHook code☆62Updated 4 years ago
- 利用链、漏洞检测工具☆367Updated 3 months ago
- 基于AST的JSONP劫持漏洞自动化挖掘☆94Updated 4 years ago
- 个人使用CodeQL编写的一些规则☆174Updated 2 years ago