cn-panda / logbackRceDemoLinks
The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment where there are arbitrary file uploads, and then use the `scan` attribute in the loghack configuration file to cooperate with the logback vulnerability to implement RCE.
☆87Updated 3 years ago
Alternatives and similar repositories for logbackRceDemo
Users that are interested in logbackRceDemo are comparing it to the libraries listed below
Sorting:
- spring-cloud-function SpEL RCE, Vultarget & Poc☆135Updated 3 years ago
- Intentionally Vulnerable to Spring4Shell☆52Updated 3 years ago
- A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692☆35Updated 2 years ago
- CVE-2020-36179~82 Jackson-databind SSRF&RCE☆81Updated 4 years ago
- ☆19Updated 5 years ago
- 《深入理解IAST交互式应用安全测试》Interactive Application Security Testing.☆13Updated 2 years ago
- Sample Spring application to Demonstrate the Gateway Actuator☆48Updated 3 years ago
- ☆21Updated 4 years ago
- Native Java serialization filter blacklist for common gadgets☆20Updated 6 years ago
- fastjson auto type derivation search☆20Updated 4 years ago
- Java web and command line applications demonstrating various security topics☆237Updated last week
- Template Injection in Email Templates leads to code execution on Jira Service Management Server☆48Updated 4 years ago
- Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…☆52Updated 4 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆51Updated 4 years ago
- WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar☆80Updated 4 years ago
- Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053☆37Updated 2 years ago
- Vulnerability Environment Build with Dockerfile -> Docker Hub☆18Updated 4 months ago
- My collection of various of JSP Webshell.☆36Updated 3 years ago
- CVE-2020-8840:FasterXML/jackson-databind 远程代码执行漏洞☆36Updated 5 years ago
- PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.☆75Updated 3 years ago
- log4j 1.x RCE Poc -- CVE-2021-4104☆20Updated 3 years ago
- ☆73Updated 3 years ago
- Ready to use docker image for CodeQL☆90Updated last year
- ☆29Updated 4 years ago
- CVE-2020-36188 &&Jackson-databind RCE☆11Updated 4 years ago
- POC of CVE-2021-2394☆40Updated 3 years ago
- XSTREAM<=1.4.17漏洞复现(CVE-2021-39141、CVE-2021-39144、CVE-2021-39150)☆61Updated 4 years ago
- Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK☆49Updated last year
- ☆87Updated 3 years ago
- Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587☆42Updated 3 years ago