Alternatives and similar repositories for CVE-2021-4034

Users that are interested in CVE-2021-4034 are comparing it to the libraries listed below

• FFreestanding / JavaUnserializeChain
  自己积累的一些Java反序列化利用链
  ☆89Updated 2 years ago
• Lonely-night / fastjsonVul
  fastjson 80 远程代码执行漏洞复现
  ☆195Updated 2 years ago
• webraybtl / zentaopms_poc
  禅道相关poc
  ☆167Updated last year
• woodpecker-appstore / jexpr-encoder-utils
  Java表达式语句生成器
  ☆191Updated last year
• vpxuser / Central-Management-System-Exploitation-Cheat-Sheet
  内网集权系统渗透测试笔记
  ☆12Updated 8 months ago
• ruyueattention / java-memshell-scanner
  通过jsp脚本扫描并查杀Tomcat内存马，当前支持Servlet-api、Tomcat-Value、Timer、Websocket 、Upgrade 、ExecutorShell内存马的查杀逻辑。
  ☆60Updated 2 years ago
• yzddmr6 / Java-Js-Engine-Payloads
  Java Js Engine Payloads All in one
  ☆273Updated last year
• luelueking / CVE-2022-25845-In-Spring
  CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
  ☆95Updated 7 months ago
• kezibei / php-filter-iconv
  ☆72Updated 9 months ago
• minhangxiaohui / DecodeSomeJSPWebshell
  冰蝎、哥斯拉 jsp webshell通信流量解密器
  ☆146Updated 2 years ago
• luelueking / Deserial_Sink_With_JDBC
  Some ReadObject Sink With JDBC
  ☆230Updated last year
• depycode / fastjson-local-echo
  基于dbcp的fastjson rce 回显
  ☆193Updated 4 years ago
• Tas9er / MySQLByPassForSafeDog
  MySQL注入绕安全狗Tamper / Code By:Tas9er
  ☆156Updated 2 years ago
• Awrrays / Frame-DefaultPass
  所有碰到过的默认口令
  ☆104Updated last year
• dushixiang / evil-mysql-server
  evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
  ☆92Updated 2 years ago
• pap1rman / postnacos
  哥斯拉nacos后渗透插件 maketoken adduser
  ☆146Updated last year
• lz2y / yaml-payload-for-ruoyi
  A memory shell for ruoyi
  ☆251Updated 2 years ago
• Duoduo-chino / ssrf_vul
  国光师傅的SSRF靶场docker环境
  ☆43Updated 9 months ago
• Firebasky / ctf-Challenge
  是一些比赛中的好题，加上自己出的一些。。。
  ☆43Updated 2 years ago
• j2ekim / YonyouNC_Tip
  ☆167Updated 3 years ago
• Al1ex / HW-2023
  HW-POC
  ☆25Updated last year
• safe6Sec / ShiroAndFastJson
  shiro加fastjson环境
  ☆132Updated 2 years ago
• whwlsfb / SpringSpider
  Spring Actuator端点的BurpSuite被动扫描插件。
  ☆199Updated 2 years ago
• 0range-x / dragon-lab
  ☆56Updated last year
• tangxiaofeng7 / JavaSecInterview
  打造最强的Java安全研究与安全开发面试题库，包含问题和详细的答案，帮助师傅们找到满意的工作
  ☆14Updated 3 years ago
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆225Updated last year
• b1ackc4t / Assassin
  Assassin是一款精简的基于命令行的webshell管理工具，它有着多种payload发送方式和编码方式，以及精简的payload代码，使得它成为隐蔽的暗杀者，难以被很好的防御。
  ☆116Updated 3 years ago
• kezibei / fastjson_payload
  ☆223Updated 3 weeks ago
• sv3nbeast / DnslogCmdEcho
  命令执行不回显但DNS协议出网的命令回显场景解决方案
  ☆274Updated 2 years ago
• SummerSec / AgentInjectTool
  改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
  ☆279Updated last year