f1tz / BCELCodeman

BCEL encode/decode manager for fastjson payloads

☆143

Alternatives and similar repositories for BCELCodeman:

Users that are interested in BCELCodeman are comparing it to the libraries listed below

depycode / fastjson-local-echo
基于dbcp的fastjson rce 回显
☆190Updated 3 years ago
depycode / fastjson-c3p0
fastjson不出网利用、c3p0
☆249Updated 3 years ago
kezibei / fastjson_payload
☆206Updated 5 months ago
0671 / RedisModules-ExecuteCommand-for-Windows
可在Windows下执行系统命令的Redis模块，可用于Redis主从复制攻击。
☆255Updated 2 years ago
LFYSec / ActuatorExploit
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
☆232Updated 4 years ago
LiAoRJ / CS_fakesubmit
一个可以伪装上线Cobaltstrike的脚本
☆132Updated 2 years ago
bigsizeme / fastjson-check
fastjson 被动扫描、不出网payload生成
☆366Updated 3 years ago
Lonely-night / fastjsonVul
fastjson 80 远程代码执行漏洞复现
☆190Updated 2 years ago
kezibei / yongyou_nc_poc
☆117Updated last year
Veraxy00 / Shiro-EXP
Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
☆138Updated 4 years ago
BeichenDream / Chunk-Proxy
☆282Updated 2 years ago
lz2y / yaml-payload-for-ruoyi
A memory shell for ruoyi
☆239Updated last year
Richard-Tang / x1DecoderPlus
AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell
☆163Updated 3 years ago
woodpecker-appstore / weblogic-infodetector
woodpecker框架weblogic信息探测插件
☆179Updated 2 years ago
R17a-17 / JavaVulnSummary
Java漏洞分析汇合
☆142Updated 3 years ago
mrknow001 / xxl-job-rce
xxl-job未授权命令执行
☆106Updated 3 years ago
A0WaQ4 / HexDnsEchoT
命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）
☆289Updated last year
r00t4dm / aLIEz
☆182Updated 4 months ago
ffffffff0x / 403-fuzz
针对 403 页面的 fuzz 脚本
☆124Updated 3 years ago
SummerSec / AgentInjectTool
改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
☆277Updated last year
sv3nbeast / DnslogCmdEcho
命令执行不回显但DNS协议出网的命令回显场景解决方案
☆274Updated 2 years ago
safesword / WebExp
2020年~2021年网站CMS、中间件、框架系统漏洞集合
☆99Updated 3 years ago
woodpecker-appstore / jexpr-encoder-utils
Java表达式语句生成器
☆184Updated last year
yuyan-sec / druid_sessions
获取 alibaba druid 一些 sessions , sql , urls
☆258Updated 2 years ago
CTF-MissFeng / jsForward
解决web及移动端H5数据加密Burp调试问题
☆184Updated 3 years ago
ThestaRY7 / supplier
主流供应商的一些攻击性漏洞汇总
☆105Updated 3 years ago
webraybtl / zentaopms_poc
禅道相关poc
☆161Updated 8 months ago
keven1z / weblogic_memshell
适用于weblogic和Tomcat的无文件的内存马(memshell)
☆266Updated 2 years ago
A-D-Team / attackRmi
☆218Updated 3 years ago
ccdr4gon / Dr4gonSword
☆96Updated last year