JNDI/LDAP注入利用工具,对命令进行两种编码,支持多种绕过高版本JDK的方式(参考大佬代码造的轮子)
☆44Dec 22, 2021Updated 4 years ago
Alternatives and similar repositories for JNDIKit
Users that are interested in JNDIKit are comparing it to the libraries listed below
Sorting:
- MysqlHoneypot☆24May 4, 2022Updated 3 years ago
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- CVE-2022-22947注入哥斯拉内存马☆28Jun 21, 2023Updated 2 years ago
- POC for Spring Kafka Deserialization Vulnerability CVE-2023-34040☆46Oct 8, 2025Updated 4 months ago
- Shiro内存马注入环境☆63May 3, 2021Updated 4 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- JavaPassDump☆272Jan 7, 2022Updated 4 years ago
- 动态链接库加载工具☆20Jan 26, 2022Updated 4 years ago
- 集成了截图 键盘记录 剪贴版功能,用于网络限制场景下的信息搜集☆90May 18, 2024Updated last year
- 哥斯拉nacos后渗透插件 maketoken adduser☆150Jul 7, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- 一个可以自定规则的动扫描器,支持主动和被动扫描☆25Oct 26, 2021Updated 4 years ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- 增加自定义gadget触发客户端代码执行 绕过高版本JDK远程加载限制☆12May 24, 2022Updated 3 years ago
- JavaAgent内存马☆17Jun 15, 2021Updated 4 years ago
- 基于BurpShiroPassiveScan修改增加了Xray回显链生成☆56Sep 6, 2022Updated 3 years ago
- 提取域控日志,支持远程提取☆171Mar 17, 2025Updated 11 months ago
- JndiBypass漏洞利用,可动态生成类,防止类注入冲突☆29Aug 16, 2023Updated 2 years ago
- 泛微E-Office V9.0 批量安全测试 / Code By:Tas9er☆25Nov 27, 2021Updated 4 years ago
- Exchange 服务器安全性的辅助测试工具☆332Jul 21, 2023Updated 2 years ago
- 内��存马查杀工具,尤其针对Agent型,原理是dump出JVM当前的class并进行字节码分析,并加入自动修复的功能☆179May 10, 2023Updated 2 years ago
- BurpHttpHelper是一款Burpsuite插件,主要用于简化和解决Burpsuite对Http的一些操作.☆107Jan 22, 2023Updated 3 years ago
- 一个高度可定制化的JNDI和Java反序列化利用工具☆471Jan 17, 2023Updated 3 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago
- 泛微oa漏洞利用工具☆255Jan 4, 2023Updated 3 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆131Sep 4, 2022Updated 3 years ago
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆279Nov 28, 2023Updated 2 years ago
- Implementation of SpoolSample without rDLL☆29Sep 28, 2020Updated 5 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆254Jul 12, 2023Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆190Mar 23, 2024Updated last year
- 在spring-aop中新发现的反序列化gadget-chain☆52Jan 12, 2025Updated last year
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆89Jul 6, 2023Updated 2 years ago
- Burp Extender, ssrf scanner, 自动扫描ssrf漏洞☆46Mar 31, 2021Updated 4 years ago
- protoscanner是一个使用纯Go编写的协议识别仓库,脱胎于NMAP☆28Aug 30, 2023Updated 2 years ago
- jmx未授权访问 弱口令批量检测 GUI工具☆31Apr 28, 2023Updated 2 years ago
- Burpsuite extension. Supports ASP.NET ViewStateDecoder☆33Updated this week
- Apache Dubbo漏洞测试Demo及其POC☆65Mar 27, 2023Updated 2 years ago
- tsh多终端代理通信☆19Feb 26, 2025Updated last year