feihong-cs / JNDIExploit
☆924Updated this week
Related projects: ⓘ
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆754Updated last year
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆469Updated 3 years ago
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,559Updated last year
- A helpful Java Deserialization exploit framework.☆1,156Updated 2 months ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,199Updated 2 years ago
- Redis(<=5.0.5) RCE☆986Updated 11 months ago
- A malicious LDAP server for JNDI injection attacks☆289Updated 2 years ago
- OpenSource Poc && Vulnerable-Target Storage Box.☆671Updated last year
- Tomcat-Ajp协议文件读取漏洞☆751Updated 4 years ago
- SpringCore0day from https://share.vx-underground.org/ & some additional links☆393Updated 2 years ago
- Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具☆1,363Updated 2 years ago
- A tiny project for generating SnakeYAML deserialization payloads☆544Updated 5 years ago
- Remote Code Injection In Log4j☆456Updated 2 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆266Updated 2 years ago
- 高危漏洞精准检测与深度利用框架☆1,345Updated last year
- Windows Elevation(持续更新)☆633Updated 2 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆977Updated 3 years ago
- A malicious LDAP server for JNDI injection attacks☆995Updated 11 months ago
- 一个简单的Fastjson反序列化检测burp插件☆837Updated 3 years ago
- A tool to dump Java serialization streams in a more human readable form.☆974Updated 2 months ago
- ☆1,315Updated this week
- weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-201…☆1,982Updated 9 months ago
- A burp extension that add some useful function to Context Menu 添加一些 右键菜单让burp用起来更顺畅☆1,588Updated last month
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆1,882Updated 3 months ago
- Redis 4.x/5.x RCE☆925Updated 2 years ago
- Java RCE 回显测试代码☆992Updated 3 years ago
- ☆806Updated this week
- Vulnerabilities of Goby supported with exploitation.☆700Updated last month
- Log4j jndi injects the Payload generator☆481Updated 2 years ago
- Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势☆1,349Updated 2 years ago