如何将Java反序列化Payload极致缩小
☆71Jan 18, 2022Updated 4 years ago
Alternatives and similar repositories for ShortPayload
Users that are interested in ShortPayload are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆78Nov 22, 2024Updated last year
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆510Jan 12, 2026Updated 4 months ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆72Oct 13, 2024Updated last year
- 帆软bi反序列化漏洞利用工具☆56Jun 4, 2024Updated last year
- 亿赛通电子文档安全管理系统XStream反序列化漏洞任意文件上传利用☆121Aug 9, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆173Apr 10, 2025Updated last year
- Some ReadObject Sink With JDBC☆245May 8, 2024Updated 2 years ago
- xxl-job内存马☆232Jan 26, 2025Updated last year
- 这是一个带白签名的frp,可用于规避所有杀软和流量检测☆29May 14, 2024Updated 2 years ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆586Feb 7, 2026Updated 3 months ago
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆326Dec 22, 2024Updated last year
- GodInfo 是一个功能全面的后渗透信息和凭据收集工具,旨在帮助安全测试人员在获得授权访问权限后,快速收集目标系统的信息和凭据。☆254Apr 29, 2025Updated last year
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- MySQL_Fake_Server-啄木鸟yso适配版☆44Sep 20, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,465Apr 26, 2026Updated 3 weeks ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆463Jan 12, 2025Updated last year
- Java web路由内存分析工具☆438May 22, 2025Updated last year
- 一个 CLASS 文件混淆工具,支持方法字段参数名引用分析和重命名混淆,支持字符串提取/AES加密运行时解密/整型异或混淆/垃圾代码花指令混淆/错误注解崩溃/特殊字符迷惑用户/反编译器对抗/方法和字段的隐藏等,配置简单,容易上手☆322Jan 26, 2026Updated 3 months ago
- nginx WebShell/内存马,更优雅的nignx backdoor☆325Jan 4, 2024Updated 2 years ago
- Java应用的一些配置文件字典,来源于公开的字典与平时收集☆320Feb 1, 2024Updated 2 years ago
- 帆软bi反序列化漏洞利用工具☆192Mar 23, 2024Updated 2 years ago
- 哥斯拉jsp/jspx免杀webshell生成器☆209Apr 28, 2023Updated 3 years ago
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- 若依后台定时任务一键利用☆80Apr 14, 2022Updated 4 years ago
- 配合 CVE-2023-22515 后台上传jar包实现RCE☆23Nov 9, 2023Updated 2 years ago
- 一款轻量级匹配Sink点的代码审计扫描器,为了帮助红队过程中快速代码审计的小工具☆407Oct 6, 2024Updated last year
- 获取服务器或域控登录日志☆281Sep 8, 2023Updated 2 years ago
- 金蝶星空云反序列化漏洞内存马☆53Mar 27, 2024Updated 2 years ago
- Godzilla插件|内存马|Suo5内存代理|jmg for Godzilla☆244Jun 6, 2024Updated last year
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆569Apr 3, 2026Updated last month
- A list for Web Security and Code Audit☆1,233Dec 3, 2024Updated last year
- A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…☆582May 4, 2026Updated 2 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- vcenter图形化漏洞利用工具☆70Nov 17, 2024Updated last year
- 目标是成为当下最完善的API挖掘工具,实现自动提取响应敏感信息、URI信息,并且对URI进行自动|手动递归检查☆258Aug 16, 2025Updated 9 months ago
- Spel-research��☆26Jun 21, 2022Updated 3 years ago
- 三色哥斯拉(Godzilla)☆67Dec 27, 2024Updated last year
- 本工具为jeecg框架漏洞利用工具非jeecg-boot!☆184Aug 13, 2024Updated last year
- Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)☆116Feb 24, 2023Updated 3 years ago
- 哥斯拉nacos后渗透插件 maketoken adduser☆150Jul 7, 2023Updated 2 years ago