hosch3n / FastjsonVulns
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆90Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for FastjsonVulns
- ☆51Updated 2 years ago
- Java 内存马生成插件☆49Updated last year
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆67Updated last year
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆50Updated 2 years ago
- 卸载冰蝎内存马☆68Updated 3 years ago
- java☆54Updated last year
- 在原有yso基础上实现依赖分离,内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆68Updated 3 years ago
- ☆81Updated 2 years ago
- The purpose of this script is to bypass disablefund, provide some useful information, and dig the hook function of PHP extension.☆14Updated 3 years ago
- ☆37Updated 2 years ago
- Apache Dubbo Hessian2 CVE-2021-43297 demo☆46Updated 2 years ago
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆30Updated 4 months ago
- ☆4Updated 2 years ago
- 一个简单的批量反编译jar包的小脚本☆30Updated 2 years ago
- XxlJob<=2.1.2配置不当情况下反序列化RCE☆70Updated 4 years ago
- CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE☆38Updated 2 years ago
- springboot跨线程注入内存马☆114Updated 2 years ago
- 多组 件客户端☆68Updated 2 months ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 2 years ago
- 利用shiro反序列化注入冰蝎内存马☆33Updated 2 years ago
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆85Updated 2 years ago
- 一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。☆55Updated 5 years ago
- 一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service☆31Updated last month
- CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC☆17Updated 4 years ago
- CodeQL 寻找 JNDI利用 Lookup接口☆161Updated 2 years ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆78Updated 2 years ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆51Updated 3 weeks ago