pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack
☆55Nov 5, 2022Updated 3 years ago
Alternatives and similar repositories for pyyso
Users that are interested in pyyso are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- a dataflow analysis framework implemented in Go, like soot☆39Sep 22, 2022Updated 3 years ago
- ☆207Oct 27, 2025Updated 5 months ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Sep 10, 2023Updated 2 years ago
- ☆24Jan 7, 2025Updated last year
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆22Apr 10, 2023Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Go-sec-code is a project for learning Go vulnerability code.☆50Mar 11, 2023Updated 3 years ago
- Java bytecode line number restoration tool☆139Aug 31, 2025Updated 7 months ago
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆546Mar 6, 2025Updated last year
- Some ReadObject Sink With JDBC☆244May 8, 2024Updated last year
- Learning JAVA for Security☆34Jun 9, 2022Updated 3 years ago
- 一个基于golang的简单漏洞扫描器☆13Feb 2, 2024Updated 2 years ago
- 使用 agent 实现反序列化 utf8 overlong☆84Apr 24, 2024Updated last year
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- Spring-Cloud-Spel-RCE☆12Sep 16, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆122Jun 7, 2023Updated 2 years ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆108Nov 7, 2024Updated last year
- 用于红蓝攻防演练中快速分拣资产☆12Jul 3, 2022Updated 3 years ago
- 钓鱼上线后渗透工具☆131Feb 19, 2023Updated 3 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆462Jan 12, 2025Updated last year
- JNDI在java高版本的利用工具,FUZZ利用链☆599Oct 8, 2022Updated 3 years ago
- 通过端口复用直接进行正向socks5代理(非防火墙分流)☆114Dec 17, 2024Updated last year
- 收集内存马打入方式☆507May 20, 2022Updated 3 years ago
- 构造字节在ASCII范围内的jar☆140Feb 14, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- API字典,API爆破字典☆24Mar 21, 2023Updated 3 years ago
- 🔥🔥🔥持续更新的特征库. 2023hw☆21Oct 8, 2023Updated 2 years ago
- Java RCE 回显测试代码☆1,017Oct 15, 2020Updated 5 years ago
- 利用代理驱动绕过JDBC Attack检测☆144Jun 15, 2025Updated 9 months ago
- fastjson不出网利用、c3p0☆256Jul 30, 2021Updated 4 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,472Apr 25, 2024Updated last year
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆573Feb 7, 2026Updated last month
- A CAT called tabby ( Code Analysis Tool )☆1,642Jan 17, 2026Updated 2 months ago
- Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用☆848Jul 7, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- 禅道研发项目管理系统`misc-captcha-user`认证绕过后台命令注入漏洞☆108Apr 24, 2023Updated 2 years ago
- 某软最新公开gadgegt,新加入不出网利用。☆88Sep 6, 2024Updated last year
- 发布一些我发现的漏洞以及利用脚本。☆15Jun 29, 2023Updated 2 years ago
- ☆343Mar 6, 2026Updated 3 weeks ago
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆125Jan 14, 2025Updated last year
- 前端参数加密渗透测试通用解决方案☆576Oct 17, 2022Updated 3 years ago
- 一个能快速开启和关闭匿名SMB共享的红队脚本☆174Apr 6, 2022Updated 3 years ago