codewhitesec/ColdFusionPwn external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

codewhitesec/ColdFusionPwn

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/codewhitesec/ColdFusionPwn)

Close

codewhitesec / ColdFusionPwnView on GitHubMore

• External links
• Readme badge

Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12

☆96Oct 18, 2022Updated 3 years ago

Alternatives and similar repositories for ColdFusionPwn

Users that are interested in ColdFusionPwn are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 5up3rc / weblogic_cmd

  View on GitHub
  weblogic t3 deserialization rce
  ☆268Jul 13, 2017Updated 8 years ago
• matthiaskaiser / jmet

  View on GitHub
  Java Message Exploitation Tool
  ☆511Jul 6, 2022Updated 3 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• blazeinfosec / CVE-2017-10366_peoplesoft

  View on GitHub
  CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit
  ☆25Sep 4, 2018Updated 7 years ago
• skelsec / windows_ad_dos_poc

  View on GitHub
  PoC code for crashing windows active directory
  ☆35Sep 19, 2018Updated 7 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• mogwaisec / mjet

  View on GitHub
  Mogwai Java Management Extensions (JMX) Exploitation Toolkit
  ☆175Jul 21, 2016Updated 9 years ago
• r3dxpl0it / Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021

  View on GitHub
  CVE-2018-8021 Proof-Of-Concept and Exploit
  ☆105Dec 3, 2018Updated 7 years ago
• syriusbughunt / CVE-2018-14667

  View on GitHub
  All about CVE-2018-14667; From what it is to how to successfully exploit it.
  ☆50Nov 30, 2018Updated 7 years ago
• NickstaDB / BaRMIe

  View on GitHub
  Java RMI enumeration and attack tool.
  ☆744Sep 28, 2017Updated 8 years ago
• jamieparfet / Apache-OFBiz-XXE

  View on GitHub
  XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04
  ☆13Oct 16, 2018Updated 7 years ago
• neargle / Go-Get-RCE-CVE-2018-6574-POC

  View on GitHub
  CVE-2018-6574 POC : golang 'go get' remote command execution during source code build
  ☆24Jan 14, 2022Updated 4 years ago
• immunIT / CVE-2018-11759

  View on GitHub
  Proof of concept showing how to exploit the CVE-2018-11759
  ☆40Dec 11, 2018Updated 7 years ago
• mbechler / serjs

  View on GitHub
  A Java serializer in JavaScript
  ☆81May 21, 2018Updated 7 years ago
• erpscanteam / CVE-2018-2380

  View on GitHub
  PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM
  ☆52Mar 14, 2018Updated 8 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• QAX-A-Team / SerialWriter

  View on GitHub
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆105Feb 28, 2018Updated 8 years ago
• tdy218 / ysoserial-cve-2018-2628

  View on GitHub
  Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
  ☆114May 21, 2018Updated 7 years ago
• pwntester / dotnet-deserialization-scanner

  View on GitHub
  .NET Deserialization Passive Scanner
  ☆47Mar 23, 2018Updated 8 years ago
• exp-db / CommonServiceDefaultPort

  View on GitHub
  常用系统服务默认端口列表
  ☆13Apr 25, 2017Updated 9 years ago
• brianwrf / S2-053-CVE-2017-12611

  View on GitHub
  A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)
  ☆37Sep 8, 2017Updated 8 years ago
• mackleadmire / CVE-2018-3191-Rce-Exploit

  View on GitHub
  ☆17Oct 25, 2018Updated 7 years ago
• airman604 / jdbc-backdoor

  View on GitHub
  A fake JDBC driver that allows OS command execution.
  ☆126Oct 2, 2022Updated 3 years ago
• pyn3rd / CVE-2018-3245

  View on GitHub
  CVE-2018-3245-PoC
  ☆172Jul 13, 2021Updated 4 years ago
• novysodope / AMF_JRMP

  View on GitHub
  改造一个基于jrmp的AMF反序列化利用工具
  ☆16Jul 7, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• k8gege / ZimbraExploit

  View on GitHub
  Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
  ☆78Feb 22, 2023Updated 3 years ago
• coffeehb / portscan

  View on GitHub
  可能有一些你没见过的端口扫描脚本
  ☆12Nov 28, 2018Updated 7 years ago
• quentinhardy / jndiat

  View on GitHub
  JNDI Attacking Tool
  ☆246Jul 11, 2022Updated 3 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆485Dec 9, 2020Updated 5 years ago
• keven1z / weblogic_memshell

  View on GitHub
  适用于weblogic和Tomcat的无文件的内存马(memshell)
  ☆271Mar 4, 2022Updated 4 years ago
• kingkaki / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆103Mar 10, 2020Updated 6 years ago
• DownWithUp / CVE-2018-16712

  View on GitHub
  PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  ☆25Dec 1, 2018Updated 7 years ago
• ab1gale / phpcms-2008-CVE-2018-19127

  View on GitHub
  ☆41Nov 9, 2018Updated 7 years ago
• im23pds / CVE-2018-3191

  View on GitHub
  CVE-2018-3191 反弹shell
  ☆16Oct 23, 2018Updated 7 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Imanfeng / Apache-Solr-RCE

  View on GitHub
  Apache Solr Exploits 🌟
  ☆347Oct 13, 2020Updated 5 years ago
• lufeirider / CVE-2019-2725

  View on GitHub
  CVE-2019-2725 命令回显
  ☆435May 8, 2023Updated 2 years ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆614Mar 4, 2021Updated 5 years ago
• quentinhardy / scriptsAndExploits

  View on GitHub
  Some scripts and exploits
  ☆149Jul 9, 2018Updated 7 years ago
• threedr3am / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。
  ☆214Jan 17, 2022Updated 4 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• aurainfosec / xss_payloads

  View on GitHub
  XSS payloads for edge cases
  ☆34Nov 13, 2018Updated 7 years ago