cckuailong / spring-cloud-function-SpEL-RCE

Related projects: ⓘ

• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆121Updated 2 years ago
• lucksec / Spring-Cloud-Gateway-CVE-2022-22947
  CVE-2022-22947
  ☆217Updated 2 years ago
• 4ra1n / FindShell
  ☆216Updated this week
• chaitin / log4j2-vaccine
  log4j2-vaccine
  ☆85Updated 2 years ago
• lalajun / RMIDeserialize
  RMI 反序列化环境 一步步
  ☆211Updated 4 years ago
• kezibei / fastjson_payload
  ☆171Updated 2 weeks ago
• kxcode / JNDI-Exploit-Bypass-Demo
  Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>
  ☆258Updated 2 years ago
• r00t4dm / aLIEz
  杀内存马的工具，欢迎code review，提出更好的意见
  ☆181Updated 8 months ago
• waderwu / attackRmi
  attackRmi
  ☆250Updated 3 years ago
• woodpecker-appstore / jexpr-encoder-utils
  Java表达式语句生成器
  ☆176Updated 11 months ago
• BeichenDream / Kcon2021Code
  ☆270Updated 2 years ago
• kezibei / Urldns
  ☆273Updated last month
• EmYiQing / CodeInspector
  ☆149Updated this week
• longofo / rmi-jndi-ldap-jrmp-jmx-jms
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆306Updated 2 years ago
• Ppsoft1991 / CodeReviewTools
  通过正则搜索、批量反编译特定Jar包中的class名称
  ☆302Updated 2 years ago
• keven1z / weblogic_memshell
  适用于weblogic和Tomcat的无文件的内存马(memshell)
  ☆264Updated 2 years ago
• ydnzol / memshell
  Tomcat 冰蝎内存马。
  ☆212Updated 4 years ago
• Y4er / yaml-payload
  Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg
  ☆128Updated 3 years ago
• corener / JavaPassDump
  JavaPassDump
  ☆213Updated 2 years ago
• Y4er / fastjson-bypass-autotype-1.2.68
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆223Updated last year
• 5wimming / gadgetinspector
  利用链、漏洞检测工具
  ☆360Updated last month
• ax1sX / SpringSecurity
  A list for Spring Security
  ☆117Updated 8 months ago
• flowerwind / JspFinder
  一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)
  ☆174Updated 2 years ago
• 4ra1n / ShortPayload
  ☆210Updated this week
• Er1cccc / ACAF
  Auto Code Audit Framework for Java
  ☆97Updated 2 years ago
• LFYSec / ActuatorExploit
  SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
  ☆233Updated 3 years ago
• jweny / shiro-cve-2020-17523
  shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
  ☆112Updated 3 years ago
• threedr3am / dubbo-exp
  dubbo快速利用exp，基本上老版本覆盖100%。
  ☆103Updated 8 months ago
• Litch1-v / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆182Updated 3 years ago
• r00tSe7en / JNDIMonitor
  一个LDAP请求监听器，摆脱dnslog平台
  ☆280Updated last year