Java Security Documents
☆81Sep 19, 2019Updated 6 years ago
Alternatives and similar repositories for Java-Security
Users that are interested in Java-Security are comparing it to the libraries listed below
Sorting:
- 几条关于CVE-2020-15148(yii2反序列化)的绕过☆75Sep 21, 2020Updated 5 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"☆11Apr 1, 2020Updated 5 years ago
- LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- win内网_域控安全☆364May 14, 2019Updated 6 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- CMS和中间件指纹库☆399Apr 30, 2019Updated 6 years ago
- a simple tool to detect potential security threat in php code☆316Sep 9, 2024Updated last year
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)☆89Jun 2, 2020Updated 5 years ago
- dynamic crawler for web vulnerability scanner☆252Mar 4, 2020Updated 5 years ago
- ☆145Jun 20, 2018Updated 7 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本☆258Oct 29, 2021Updated 4 years ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- xss漏洞模糊测试payload的最佳集合 2020版☆511May 25, 2020Updated 5 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- A fake JDBC driver that allows OS command execution.☆125Oct 2, 2022Updated 3 years ago
- 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能☆1,183Nov 10, 2021Updated 4 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- ☆143Jan 21, 2021Updated 5 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- a webshell resides in the memory of java web server☆700Jun 26, 2018Updated 7 years ago
- anti AV☆292Mar 12, 2020Updated 5 years ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆696Dec 25, 2023Updated 2 years ago
- 记录个人XSS学习☆106Oct 12, 2020Updated 5 years ago