feihong-cs / JNDIExploit

Related projects: ⓘ

• whwlsfb / Log4j2Scan
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆754Updated last year
• welk1n / JNDI-Injection-Bypass
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆469Updated 3 years ago
• welk1n / JNDI-Injection-Exploit
  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）
  ☆2,559Updated last year
• wh1t3p1g / ysomap
  A helpful Java Deserialization exploit framework.
  ☆1,156Updated 2 months ago
• fnmsd / MySQL_Fake_Server
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,199Updated 2 years ago
• n0b0dyCN / redis-rogue-server
  Redis(<=5.0.5) RCE
  ☆986Updated 11 months ago
• zzwlpx / JNDIExploit
  A malicious LDAP server for JNDI injection attacks
  ☆289Updated 2 years ago
• cckuailong / reapoc
  OpenSource Poc && Vulnerable-Target Storage Box.
  ☆671Updated last year
• YDHCUI / CNVD-2020-10487-Tomcat-Ajp-lfi
  Tomcat-Ajp协议文件读取漏洞
  ☆751Updated 4 years ago
• craig / SpringCore0day
  SpringCore0day from https://share.vx-underground.org/ & some additional links
  ☆393Updated 2 years ago
• FunnyWolf / pystinger
  Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具
  ☆1,363Updated 2 years ago
• artsploit / yaml-payload
  A tiny project for generating SnakeYAML deserialization payloads
  ☆544Updated 5 years ago
• jas502n / Log4j2-CVE-2021-44228
  Remote Code Injection In Log4j
  ☆456Updated 2 years ago
• 0x727 / JNDIExploit
  一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。
  ☆266Updated 2 years ago
• woodpecker-framework / woodpecker-framework-release
  高危漏洞精准检测与深度利用框架
  ☆1,345Updated last year
• Al1ex / WindowsElevation
  Windows Elevation(持续更新)
  ☆633Updated 2 years ago
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆977Updated 3 years ago
• veracode-research / rogue-jndi
  A malicious LDAP server for JNDI injection attacks
  ☆995Updated 11 months ago
• Maskhe / FastjsonScan
  一个简单的Fastjson反序列化检测burp插件
  ☆837Updated 3 years ago
• NickstaDB / SerializationDumper
  A tool to dump Java serialization streams in a more human readable form.
  ☆974Updated 2 months ago
• WhiteHSBG / JNDIExploit
  ☆1,315Updated this week
• 0xn0ne / weblogicScanner
  weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力：CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-201…
  ☆1,982Updated 9 months ago
• bit4woo / knife
  A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
  ☆1,588Updated last month
• wyzxxz / jndi_tool
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆1,882Updated 3 months ago
• Ridter / redis-rce
  Redis 4.x/5.x RCE
  ☆925Updated 2 years ago
• feihong-cs / Java-Rce-Echo
  Java RCE 回显测试代码
  ☆992Updated 3 years ago
• su18 / ysoserial
  ☆806Updated this week
• gobysec / GobyVuls
  Vulnerabilities of Goby supported with exploitation.
  ☆700Updated last month
• woodpecker-appstore / log4j-payload-generator
  Log4j jndi injects the Payload generator
  ☆481Updated 2 years ago
• threedr3am / JSP-WebShells
  Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
  ☆1,349Updated 2 years ago