ffadd / JNDIKit
JNDI/LDAP注入利用工具,对命令进行两种编码,支持多种绕过高版本JDK的方式(参考大佬代码造的轮子)
☆43Updated 3 years ago
Alternatives and similar repositories for JNDIKit:
Users that are interested in JNDIKit are comparing it to the libraries listed below
- 利用shiro反序列化注入冰蝎内存马☆35Updated 3 years ago
- 窃取当前用户的ssh,sudo密码☆70Updated last year
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆86Updated 2 years ago
- Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势☆15Updated 3 years ago
- Java 内存马生成插件☆50Updated last year
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆91Updated 2 years ago
- 在spring-aop中新发现的反序列化gadget-chain☆42Updated last month
- 如何将Java反序列化Payload极致缩小☆47Updated 3 years ago
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆32Updated 3 months ago
- ad vulnerability scanner☆70Updated last year
- ☆11Updated 2 years ago
- 蚁剑AES加密通信ASPX Webshell☆31Updated 3 years ago
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆87Updated last year
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- java☆54Updated 2 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆107Updated 4 years ago
- Yapi mock script RCE another version. Webshell way. 另一种 Webshell 方式的 Yapi 命令执行的方法 相比于其他的利用方式 更加微操和可控 影响更小☆65Updated 7 months ago
- windows 添加管理员--Rust版本☆44Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 注入哥斯拉内存马☆53Updated 2 years ago
- 内存马持久化☆58Updated 2 years ago
- hyscan HengGe Team☆68Updated 3 years ago
- 提取域控日志,支持远程提取☆152Updated 2 years ago
- ☆51Updated 2 years ago
- Redis primary/secondary replication RCE☆43Updated 2 years ago
- 无影脚 - 命令行下的日志文件处理工具☆51Updated 2 years ago
- A mininal go http client for security testing☆47Updated this week
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆43Updated 3 years ago
- Spel-research☆26Updated 2 years ago
- 密码收集☆58Updated 2 years ago
- Nacos JRaft Hessian 反序列化 RCE EXP☆65Updated last year