pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack
☆55Nov 5, 2022Updated 3 years ago
Alternatives and similar repositories for pyyso
Users that are interested in pyyso are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- a dataflow analysis framework implemented in Go, like soot☆39Sep 22, 2022Updated 3 years ago
- ☆210Oct 27, 2025Updated 7 months ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Sep 10, 2023Updated 2 years ago
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆22Apr 10, 2023Updated 3 years ago
- Go-sec-code is a project for learning Go vulnerability code.☆50Mar 11, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆25Jan 7, 2025Updated last year
- Java bytecode line number restoration tool☆143Aug 31, 2025Updated 9 months ago
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆550Mar 6, 2025Updated last year
- Some ReadObject Sink With JDBC☆245May 8, 2024Updated 2 years ago
- Learning JAVA for Security☆33Jun 9, 2022Updated 4 years ago
- 一个基于golang的简单漏洞扫描器☆13Feb 2, 2024Updated 2 years ago
- 使用 agent 实现反序列化 utf8 overlong☆86Apr 24, 2024Updated 2 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆757Apr 14, 2021Updated 5 years ago
- Spring-Cloud-Spel-RCE☆12Sep 16, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆123Jun 7, 2023Updated 3 years ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆109Nov 7, 2024Updated last year
- 用于红蓝攻防演练中快速分拣资产☆12Jul 3, 2022Updated 3 years ago
- 钓鱼上线后渗透工具☆131Feb 19, 2023Updated 3 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆464Jan 12, 2025Updated last year
- JNDI在java高版本的利用工具,FUZZ利用链☆601Oct 8, 2022Updated 3 years ago
- 通过端口复用直接进行正向socks5代理(非防火墙分流)☆113Dec 17, 2024Updated last year
- 收集内存马打入方式☆508May 20, 2022Updated 4 years ago
- 构造字节在ASCII范围内的jar☆142Feb 14, 2022Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- API字典,API爆破字典☆24Mar 21, 2023Updated 3 years ago
- 🔥🔥🔥持续更新的特征库. 2023hw☆21Oct 8, 2023Updated 2 years ago
- Java RCE 回显测试代码☆1,013Oct 15, 2020Updated 5 years ago
- 利用代理驱动绕过JDBC Attack检测☆145Jun 15, 2025Updated 11 months ago
- fastjson不出网利用、c3p0☆257Jul 30, 2021Updated 4 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,472Apr 25, 2024Updated 2 years ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆591Feb 7, 2026Updated 4 months ago
- A CAT called tabby ( Code Analysis Tool )☆1,653Jan 17, 2026Updated 4 months ago
- Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用☆851Jul 7, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- 禅道研发项目管理系统`misc-captcha-user`认证绕过后台命令注入漏洞☆108Apr 24, 2023Updated 3 years ago
- 某软最新公开gadgegt,新加入不出网利用。☆88Sep 6, 2024Updated last year
- 发布一些我发现的漏洞以及利用脚本。☆15Jun 29, 2023Updated 2 years ago
- ☆345Mar 6, 2026Updated 3 months ago
- 前端参数加密渗透测试通用解决方案☆576Oct 17, 2022Updated 3 years ago
- 用Go+Fyne开发的,展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。☆127Jan 14, 2025Updated last year
- 一个能快速开启和关闭匿名SMB共享的红队脚本☆174Apr 6, 2022Updated 4 years ago