hosch3n / FastjsonVulns

[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload

☆90

Alternatives and similar repositories for FastjsonVulns:

Users that are interested in FastjsonVulns are comparing it to the libraries listed below

0xrumble / BytecodeScreen
☆50Updated 2 years ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆50Updated last year
0linlin0 / Java
java
☆54Updated 2 years ago
KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 3 years ago
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆67Updated last year
H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
☆50Updated 3 years ago
wuppp / releaseBehinderShell
卸载冰蝎内存马
☆67Updated 3 years ago
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆78Updated 2 years ago
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆48Updated 3 years ago
longofo / Apache-Dubbo-Hessian2-CVE-2021-43297
Apache Dubbo Hessian2 CVE-2021-43297 demo
☆46Updated 3 years ago
turn1tup / JvmRaspBypass
☆13Updated 2 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆35Updated 2 years ago
welk1n / FastjsonPocs
一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
☆56Updated 5 years ago
passer-W / snakeyaml-memshell
springboot跨线程注入内存马
☆116Updated 2 years ago
cckuailong / YarnRpcRCE
☆81Updated 3 years ago
SummerSec / LookupInterface
CodeQL 寻找 JNDI利用 Lookup接口
☆163Updated 2 years ago
OneSourceCat / XxlJob-Hessian-RCE
XxlJob<=2.1.2配置不当情况下反序列化RCE
☆91Updated 4 years ago
yyhuni / shiroMemshell
利用shiro反序列化注入冰蝎内存马
☆35Updated 3 years ago
wh1t3p1g / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆33Updated 4 months ago
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆142Updated last year
mark0smith / Kunlun-M-GUI
Kunlun-M 的GUI程序
☆51Updated 2 years ago
coffeehb / Spring4Shell
一个Spring4Shell 被动式检测的Burp插件
☆93Updated 2 years ago
Echox1 / ShiroExploit
☆38Updated 4 years ago
knightswd / NoPacScan
NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script
☆86Updated 3 years ago
flowerwind / AutoGenerateXalanPayload
cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
☆89Updated 2 years ago
Ape1ron / SpringAopInDeserializationDemo1
在spring-aop中新发现的反序列化gadget-chain
☆43Updated 2 months ago
bitterzzZZ / CVE-2021-43297-POC
CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
☆38Updated 3 years ago
zhzhdoai / Weblogic_Vuln
CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC
☆17Updated 4 years ago
Rvn0xsy / SMTP-NC
SMTP Netcat , test SMTP protocol
☆105Updated 3 years ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆61Updated last year