Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
☆96Oct 18, 2022Updated 3 years ago
Alternatives and similar repositories for ColdFusionPwn
Users that are interested in ColdFusionPwn are comparing it to the libraries listed below
Sorting:
- weblogic t3 deserialization rce☆268Jul 13, 2017Updated 8 years ago
- Java Message Exploitation Tool☆510Jul 6, 2022Updated 3 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit☆25Sep 4, 2018Updated 7 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆50Nov 30, 2018Updated 7 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆13Oct 16, 2018Updated 7 years ago
- CVE-2018-6574 POC : golang 'go get' remote command execution during source code build☆24Jan 14, 2022Updated 4 years ago
- Proof of concept showing how to exploit the CVE-2018-11759☆40Dec 11, 2018Updated 7 years ago
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM☆52Mar 14, 2018Updated 8 years ago
- SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.☆104Feb 28, 2018Updated 8 years ago
- .NET Deserialization Passive Scanner☆46Mar 23, 2018Updated 7 years ago
- Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch☆114May 21, 2018Updated 7 years ago
- 常用系统服务默认端口列表☆13Apr 25, 2017Updated 8 years ago
- A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)☆37Sep 8, 2017Updated 8 years ago
- ☆17Oct 25, 2018Updated 7 years ago
- A fake JDBC driver that allows OS command execution.☆125Oct 2, 2022Updated 3 years ago
- CVE-2018-3245-PoC☆172Jul 13, 2021Updated 4 years ago
- 改造一个基于jrmp的AMF反序列化利用工具☆16Jul 7, 2022Updated 3 years ago
- Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)☆77Feb 22, 2023Updated 3 years ago
- 可能有一些你没见过的端口扫描脚本☆12Nov 28, 2018Updated 7 years ago
- JNDI Attacking Tool☆246Jul 11, 2022Updated 3 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆270Mar 4, 2022Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆103Mar 10, 2020Updated 6 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- ☆41Nov 9, 2018Updated 7 years ago
- CVE-2018-3191 反弹shell☆16Oct 23, 2018Updated 7 years ago
- Apache Solr Exploits 🌟☆348Oct 13, 2020Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- Web directory and file discovery.☆18Oct 31, 2022Updated 3 years ago
- Some scripts and exploits☆148Jul 9, 2018Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。☆214Jan 17, 2022Updated 4 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago