cokeBeer / pyyso
pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack
☆49Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for pyyso
- 一个Spring4Shell 被动式检测的Burp插件☆93Updated 2 years ago
- Java命令行文件监控小工具(代码审计)☆95Updated 2 years ago
- Java 内存马生成插件☆50Updated last year
- 一个简单的批量反编译jar包的小脚本☆30Updated 2 years ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆161Updated last year
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆85Updated last year
- springboot跨线程注入内存马☆114Updated 2 years ago
- ☆37Updated 2 years ago
- 一款办公应用云凭证利用工具☆87Updated 5 months ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆47Updated last year
- ☆81Updated 3 years ago
- 一款探测fastjson漏洞的BurpSuite插件☆60Updated 2 years ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆67Updated 2 weeks ago
- 域内密码喷射工具☆127Updated 2 years ago
- MemShell List☆78Updated last year
- 《ASPX安全-只有ASPX安全才能拯救.NET》Only ASPX Security Can Save The NET.☆33Updated 2 years ago
- ☆80Updated 7 months ago
- 支持自动化的切换请求方式、自动化的请求重试、以完整的扫描Springboot路径☆2Updated 2 years ago
- 某软最新公开gadgegt,新加入不出网利用。☆49Updated 2 months ago
- SpringBootAdmin-thymeleaf-SSTI which can cause RCE☆77Updated last year
- check hikvision/ys7 api☆64Updated last year
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- remote execute js when debugger.paused☆42Updated last year
- Java CVE Vulnerability Environment☆22Updated 5 months ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆51Updated last month
- ☆51Updated 2 years ago
- Spel-research☆24Updated 2 years ago