JNDI/LDAP注入利用工具,对命令进行两种编码,支持多种绕过高版本JDK的方式(参考大佬代码造的轮子)
☆44Dec 22, 2021Updated 4 years ago
Alternatives and similar repositories for JNDIKit
Users that are interested in JNDIKit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- MysqlHoneypot☆24May 4, 2022Updated 3 years ago
- 动态链接库加载工具☆20Jan 26, 2022Updated 4 years ago
- POC for Spring Kafka Deserialization Vulnerability CVE-2023-34040☆46Oct 8, 2025Updated 5 months ago
- Shiro内存马注入环境☆63May 3, 2021Updated 4 years ago
- CVE-2022-22947注入哥斯拉内存马☆28Jun 21, 2023Updated 2 years ago
- JavaAgent内存马☆17Jun 15, 2021Updated 4 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- JavaPassDump☆273Jan 7, 2022Updated 4 years ago
- JAVA IAST Example☆49Dec 13, 2021Updated 4 years ago
- 集成了截图 键盘记录 剪贴版功能,用于网络限制场景下的信息搜集☆89May 18, 2024Updated last year
- Apache Dubbo Hessian2 CVE-2021-43297 demo☆46Jan 18, 2022Updated 4 years ago
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- 内存马查杀工具,尤其针对Agent型,原理是dump出JVM当前的class并进行字节码分析,并加入自动修复的功能☆179May 10, 2023Updated 2 years ago
- 用来存放平时写的一些net内存马,仅用于练手,需要可以自行修改☆90May 3, 2022Updated 3 years ago
- 泛微E-Office V9.0 批量安全测试 / Code By:Tas9er☆25Nov 27, 2021Updated 4 years ago
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- ☆19Aug 10, 2022Updated 3 years ago
- 基于BurpShiroPassiveScan修改增加了Xray回显链生成☆56Sep 6, 2022Updated 3 years ago
- 静态程序分析工具 主要生成方法的CFG和.java文件的AST☆133Jul 12, 2023Updated 2 years ago
- 一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。☆376Oct 22, 2021Updated 4 years ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- Java安全相关,目前主要是CC链研究☆10Sep 1, 2022Updated 3 years ago
- ☆15Oct 11, 2022Updated 3 years ago
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆279Nov 28, 2023Updated 2 years ago
- 哥斯拉nacos后渗透插件 maketoken adduser☆150Jul 7, 2023Updated 2 years ago
- 自己的JNDI 利用工具,添加一些人性化功能☆131Sep 4, 2022Updated 3 years ago
- Java内存马注入工具☆252Apr 8, 2023Updated 2 years ago
- BurpHttpHelper是一款Burpsuite插件,主要用于简化和解决Burpsuite对Http的一些操作.☆109Jan 22, 2023Updated 3 years ago
- Exchange 服务器安全性的辅助测试工具☆331Jul 21, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Text4Shell的burp被动扫描插件☆36Dec 29, 2022Updated 3 years ago
- 增加自定义gadget触发客户端代码执行 绕过高版本JDK远程加载限制☆12May 24, 2022Updated 3 years ago
- Spring Actuator端点的BurpSuite被动扫描插件。☆202Nov 2, 2022Updated 3 years ago
- ☆525Sep 16, 2022Updated 3 years ago
- 帆软bi反序列化漏洞利用工具☆190Mar 23, 2024Updated 2 years ago
- Tomcat的Filter型免杀内存马,主要思路是Bypass各种检查手段☆10Nov 26, 2021Updated 4 years ago
- JndiBypass漏洞利用,可动态生成类,防止类注入冲突☆28Aug 16, 2023Updated 2 years ago
- FilterBased/ServletBased in memory shell for Tomcat and some other middlewares☆387Nov 6, 2020Updated 5 years ago
- 一个可以自定规则的动扫描器,支持主动和被动扫描☆25Oct 26, 2021Updated 4 years ago