hengyunabc/dubbo-apache-commons-collections-bug external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hengyunabc/dubbo-apache-commons-collections-bug

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hengyunabc/dubbo-apache-commons-collections-bug)

Close

hengyunabc / dubbo-apache-commons-collections-bugView on GitHubMore

• External links
• Readme badge

演示dubbo rpc Apache commons collections 的Java序列化漏洞

☆42Nov 13, 2015Updated 10 years ago

Alternatives and similar repositories for dubbo-apache-commons-collections-bug

Users that are interested in dubbo-apache-commons-collections-bug are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• pwntester / JVMDeserialization

  View on GitHub
  PoC for Scala and Groovy
  ☆14Apr 4, 2016Updated 9 years ago
• mogwailabs / deserialization-filter-blacklists

  View on GitHub
  Native Java serialization filter blacklist for common gadgets
  ☆20Sep 12, 2019Updated 6 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE

  View on GitHub
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆67Nov 20, 2019Updated 6 years ago
• r3dxpl0it / Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021

  View on GitHub
  CVE-2018-8021 Proof-Of-Concept and Exploit
  ☆106Dec 3, 2018Updated 7 years ago
• JoyChou93 / trident

  View on GitHub
  Java通用漏洞修复安全组件
  ☆60Jul 12, 2025Updated 8 months ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• 0c0c0f / security

  View on GitHub
  ☆33Dec 6, 2022Updated 3 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• zerothoughts / spring-jndi

  View on GitHub
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116May 17, 2019Updated 6 years ago
• 111ddea / cve-2018-2894

  View on GitHub
  cve-2018-2894 不同别人的利用方法。
  ☆15Dec 1, 2025Updated 3 months ago
• whoamisky / linux-backdoor

  View on GitHub
  ☆12Aug 5, 2015Updated 10 years ago
• motikan2010 / CVE-2020-5398

  View on GitHub
  CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC
  ☆86Dec 15, 2022Updated 3 years ago
• mogwailabs / rmi-deserialization

  View on GitHub
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Sep 20, 2019Updated 6 years ago
• x41sec / BeanStack

  View on GitHub
  X41 BeanStack - Stack Trace Fingerprinting BETA
  ☆53Dec 3, 2025Updated 3 months ago
• silience / sql

  View on GitHub
  ☆13Apr 11, 2018Updated 7 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• irsl / struts-any-results

  View on GitHub
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Sep 30, 2018Updated 7 years ago
• JavaPentesters / java_vul_target

  View on GitHub
  ☆28Oct 16, 2017Updated 8 years ago
• uknowsec / Frida-Hook-In-Java-Notes

  View on GitHub
  Java层frida hook学习笔记 https://uknowsec.cn
  ☆47Feb 6, 2020Updated 6 years ago
• Tycx2ry / discuz-plugin-scan

  View on GitHub
  discuz-plugin-scan
  ☆21Sep 23, 2015Updated 10 years ago
• gorgiaxx / reGeorg

  View on GitHub
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆19Apr 9, 2018Updated 7 years ago
• RUB-NDS / DTD-Attacks

  View on GitHub
  Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
  ☆55Jul 21, 2016Updated 9 years ago
• bit4woo / Java_deserialize_vuln_lab

  View on GitHub
  Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
  ☆87Nov 26, 2018Updated 7 years ago
• doyensec / ajpfuzzer

  View on GitHub
  A command-line fuzzer for the Apache JServ Protocol (ajp13)
  ☆97Nov 15, 2022Updated 3 years ago
• jiangsir404 / pbscan

  View on GitHub
  基于burpsuite headless 的代理式被动扫描系统
  ☆95Feb 10, 2020Updated 6 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• GrrrDog / ZeroNights-HackQuest-2016

  View on GitHub
  2 web tasks from ZeroNights HackQuest 2016
  ☆50Mar 24, 2017Updated 9 years ago
• 0xbug / CVE-2019-8451

  View on GitHub
  https://jira.atlassian.com/browse/JRASERVER-69793
  ☆10Sep 16, 2019Updated 6 years ago
• shengqi158 / fastjson-remote-code-execute-poc

  View on GitHub
  fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class，然后运行Poc.java
  ☆403Dec 16, 2022Updated 3 years ago
• mtxiaowangzi / Java-EE-VulnWeb

  View on GitHub
  用于演示Java Web项目中，漏洞的成因及修复方案，可用于黑盒测试和白盒测试，部分修复方案可用于生产环境。
  ☆43Apr 20, 2018Updated 7 years ago
• any-how / Getinfo_phpinfo

  View on GitHub
  提取phpinfo()敏感信息
  ☆11Nov 23, 2018Updated 7 years ago
• theLSA / solr-rce

  View on GitHub
  apache solr 5.x - 8.2.0 rce (with config api)
  ☆11Oct 31, 2019Updated 6 years ago
• x-f1v3 / CVE-2019-3396

  View on GitHub
  Confluence Widget Connector path traversal (CVE-2019-3396)
  ☆22Oct 4, 2019Updated 6 years ago
• l3m0n / oauth2

  View on GitHub
  oauth2研究: 实现代码、漏洞利用、修复方案
  ☆19May 21, 2019Updated 6 years ago
• 5up3rc / weblogic_cmd

  View on GitHub
  weblogic t3 deserialization rce
  ☆268Jul 13, 2017Updated 8 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Bort-Millipede / WLT3Serial

  View on GitHub
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆35Mar 2, 2020Updated 6 years ago
• mpgn / CVE-2019-0192

  View on GitHub
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Mar 10, 2019Updated 7 years ago
• shadow-horse / CVE-2019-17571

  View on GitHub
  Apache Log4j 1.2.X存在反序列化远程代码执行漏洞
  ☆78Dec 25, 2019Updated 6 years ago
• earayu / fastjson_jndi_poc

  View on GitHub
  fastjson远程命令执行漏洞，jndi方式
  ☆40Dec 7, 2017Updated 8 years ago
• mpgn / CVE-2018-19276

  View on GitHub
  CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE
  ☆16Mar 11, 2019Updated 7 years ago
• GoSecure / break-fast-serial

  View on GitHub
  A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
  ☆55Mar 27, 2017Updated 9 years ago
• jamesbcook / shellcode-launcher

  View on GitHub
  ☆13Apr 22, 2015Updated 10 years ago