ffadd / JNDIKit
JNDI/LDAP注入利用工具,对命令进行两种编码,支持多种绕过高版本JDK的方式(参考大佬代码造的轮子)
☆44Updated 3 years ago
Alternatives and similar repositories for JNDIKit:
Users that are interested in JNDIKit are comparing it to the libraries listed below
- Java 内存马�生成插件☆50Updated last year
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆86Updated 3 years ago
- 窃取当前用户的ssh,sudo密码☆69Updated last year
- 利用shiro反序列化注入冰蝎内存马☆35Updated 3 years ago
- 如何将Java反序列化Payload极致缩小☆48Updated 3 years ago
- Redis primary/secondary replication RCE☆42Updated 2 years ago
- ☆13Updated 2 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆87Updated last year
- windows 添加管理员--Rust版本☆44Updated 2 years ago
- java☆54Updated 2 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆107Updated 4 years ago
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆65Updated 8 months ago
- 在spring-aop中新发现的反序列化gadget-chain☆43Updated 2 months ago
- 汇编HTTP请求发送/Assembly Http Request☆45Updated 2 months ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- 密码收集☆58Updated 3 years ago
- Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势☆15Updated 3 years ago
- A mininal go http client for security testing☆47Updated last month
- ☆68Updated 3 years ago
- 无影脚 - 命令行下的日志文件处理工具☆51Updated 2 years ago
- MemShell List☆79Updated last year
- 多组件客户端☆74Updated 6 months ago
- 一键出网探测工具☆73Updated 2 years ago
- ☆50Updated 2 years ago
- springboot跨线程注入内存马☆116Updated 2 years ago
- 应对渗透中极限环境下命令回显 & 文件落地☆132Updated 2 years ago
- 根据攻防以及域信息收集经验dump快而有用的域信息☆104Updated last year
- Nacos JRaft Hessian 反序列化 RCE EXP☆64Updated last year
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 3 years ago