chudyPB / XStream-GadgetsLinks
Several XStream gadgets ported from ysoserial
☆33Updated 3 years ago
Alternatives and similar repositories for XStream-Gadgets
Users that are interested in XStream-Gadgets are comparing it to the libraries listed below
Sorting:
- Template Injection in Email Templates leads to code execution on Jira Service Management Server☆48Updated 3 years ago
- A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692☆36Updated 2 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆51Updated 3 years ago
- ☆22Updated 2 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆73Updated 11 years ago
- Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…☆52Updated 4 years ago
- My collection of various of JSP Webshell.☆35Updated 3 years ago
- Sample Spring application to Demonstrate the Gateway Actuator☆47Updated 3 years ago
- ☆20Updated 3 years ago
- Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)☆72Updated 3 years ago
- mvn clean package -DskipTests☆46Updated 2 years ago
- common methods that used by my burp extension projects☆51Updated last year
- ☆73Updated 3 years ago
- CVE-2020-36179~82 Jackson-databind SSRF&RCE☆81Updated 4 years ago
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12☆95Updated 2 years ago
- ☆33Updated 2 years ago
- Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053☆37Updated 2 years ago
- bypass JEP290 RaspHook code☆62Updated 4 years ago
- web fuzzing && bug hunter☆60Updated 3 years ago
- POC for leaking java version through file and ftp protocols☆24Updated 4 years ago
- BCEL class转换插件☆25Updated 4 years ago
- CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process…☆25Updated 4 years ago
- Exploit ONLYOFFICE Implementations☆27Updated 2 years ago
- ☆72Updated 3 years ago
- Ready to use docker image for CodeQL☆90Updated last year
- ☆29Updated 3 years ago
- Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587☆41Updated 3 years ago
- Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information …☆16Updated 2 years ago
- ☆69Updated 4 years ago
- 知识星球《漏洞百出》最新 20条 Topic☆113Updated 3 years ago