hosch3n / FastjsonVulnsLinks

[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload

☆91

Alternatives and similar repositories for FastjsonVulns

Users that are interested in FastjsonVulns are comparing it to the libraries listed below

Sorting:

KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 4 years ago
0linlin0 / Java
java
☆54Updated 3 years ago
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆79Updated 3 years ago
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆72Updated 3 months ago
passer-W / snakeyaml-memshell
springboot跨线程注入内存马
☆123Updated 3 years ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
☆49Updated 3 years ago
Rvn0xsy / SMTP-NC
SMTP Netcat , test SMTP protocol
☆105Updated 4 years ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆65Updated 2 years ago
0xrumble / BytecodeScreen
☆50Updated 3 years ago
wuppp / releaseBehinderShell
卸载冰蝎内存马
☆68Updated 4 years ago
r00tuser111 / SerializationDumper-Shiro
基于SerializationDumper的Shiro Cookie序列化数据解密小工具
☆54Updated 5 years ago
SummerSec / LookupInterface
CodeQL 寻找 JNDI利用 Lookup接口
☆166Updated 3 years ago
longofo / Apache-Dubbo-Hessian2-CVE-2021-43297
Apache Dubbo Hessian2 CVE-2021-43297 demo
☆46Updated 4 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆45Updated 3 years ago
R17a-17 / JavaVulnSummary
Java漏洞分析汇合
☆142Updated 4 years ago
woodpecker-appstore / springboot-vuldb
☆70Updated 4 years ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆103Updated 4 years ago
zhutougg / LandrayDES
蓝凌OA的前后台密码的加解密工具
☆95Updated 5 years ago
turn1tup / JspEncounter
☆122Updated 2 years ago
Scorpio-m7 / tomcat-backdoor
☆55Updated 4 years ago
mark0smith / Kunlun-M-GUI
Kunlun-M 的GUI程序
☆52Updated 3 years ago
coffeehb / Spring4Shell
一个Spring4Shell 被动式检测的Burp插件
☆93Updated 3 years ago
OneSourceCat / XxlJob-Hessian-RCE
XxlJob<=2.1.2配置不当情况下反序列化RCE
☆119Updated 5 years ago
AlphabugX / godzilla_decode
Godzilla java Decode,哥斯拉jsp(内存马)流量解密
☆113Updated 4 years ago
8ypass / weblogicExploit
weblogic历史漏洞利用工具
☆91Updated 3 years ago
welk1n / FastjsonPocs
一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
☆56Updated 6 years ago
TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆48Updated 4 months ago
turn1tup / JvmRaspBypass
☆17Updated 3 years ago
cckuailong / YarnRpcRCE
☆83Updated 4 years ago