inspiringz/Shiro-721

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/inspiringz/Shiro-721)

inspiringz / Shiro-721

Shiro-721 RCE Via RememberMe Padding Oracle Attack

☆269

Alternatives and similar repositories for Shiro-721

Users that are interested in Shiro-721 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Y4er / CVE-2020-2883
View on GitHub
Weblogic coherence.jar RCE
☆176May 10, 2020Updated 5 years ago
Y4er / CVE-2020-2551
View on GitHub
Weblogic IIOP CVE-2020-2551
☆338Apr 7, 2020Updated 5 years ago
pyn3rd / Apache-Tomcat-MongoDB-Remote-Code-Execution
View on GitHub
Apache Tomcat + MongoDB Remote Code Execution
☆114Jan 15, 2021Updated 5 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,015May 21, 2024Updated last year
wuppp / shiro_rce_exp
View on GitHub
Shiro RCE (Padding Oracle Attack)
☆148Nov 15, 2019Updated 6 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,016Oct 15, 2020Updated 5 years ago
rebeyond / memShell
View on GitHub
a webshell resides in the memory of java web server
☆700Jun 26, 2018Updated 7 years ago
feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,953Jun 4, 2021Updated 4 years ago
iceyhexman / flask_memory_shell
View on GitHub
Flask 内存马
☆314Mar 26, 2021Updated 5 years ago
lufeirider / CVE-2019-2725
View on GitHub
CVE-2019-2725 命令回显
☆436May 8, 2023Updated 2 years ago
threedr3am / learnjavabug
View on GitHub
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
☆2,694Mar 14, 2024Updated 2 years ago
5up3rc / weblogic_cmd
View on GitHub
weblogic t3 deserialization rce
☆268Jul 13, 2017Updated 8 years ago
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,392Dec 16, 2022Updated 3 years ago
welk1n / JNDI-Injection-Bypass
View on GitHub
Some payloads of JNDI Injection in JDK 1.8.0_191+
☆484Dec 9, 2020Updated 5 years ago
NordVPN Threat Protection Pro™ • Ad
Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
LandGrey / ClassHound
View on GitHub
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
☆712May 10, 2021Updated 4 years ago
jas502n / SHIRO-721
View on GitHub
RememberMe Padding Oracle Vulnerability RCE
☆72Nov 14, 2019Updated 6 years ago
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆536Aug 25, 2020Updated 5 years ago
QAX-A-Team / WeblogicEnvironment
View on GitHub
Weblogic环境搭建工具
☆796Apr 23, 2020Updated 5 years ago
c0ny1 / java-object-searcher
View on GitHub
java内存对象搜索辅助工具
☆823Sep 23, 2022Updated 3 years ago
r35tart / RedisWriteFile
View on GitHub
通过 Redis 主从写出无损文件
☆718May 25, 2020Updated 5 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,029Feb 23, 2022Updated 4 years ago
Imanfeng / Apache-Solr-RCE
View on GitHub
Apache Solr Exploits 🌟
☆348Oct 13, 2020Updated 5 years ago
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
iSafeBlue / fastjson-autotype-bypass-demo
View on GitHub
fastjson 1.2.68 版本 autotype bypass
☆142Jun 17, 2022Updated 3 years ago
dr0op / WeblogicScan
View on GitHub
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
☆967Jun 16, 2024Updated last year
threedr3am / tomcat-cluster-session-sync-exp
View on GitHub
tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包，可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
☆212May 19, 2020Updated 5 years ago
longofo / rmi-jndi-ldap-jrmp-jmx-jms
View on GitHub
rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
☆311Jun 17, 2022Updated 3 years ago
LeadroyaL / fastjson-blacklist
View on GitHub
☆835Jun 7, 2022Updated 3 years ago
Ivan1ee / NET-Deserialize
View on GitHub
总结了20+.Net反序列化文章，持续更新
☆749Apr 3, 2024Updated last year
dr0op / shiro-550-with-NoCC
View on GitHub
Shiro-550 不依赖CC链利用工具
☆450Jun 19, 2024Updated last year
boy-hack / wooyun-payload
View on GitHub
从wooyun中提取的payload，以及burp插件
☆841Jun 17, 2022Updated 3 years ago
fnmsd / MySQL_Fake_Server
View on GitHub
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
☆1,362Nov 18, 2021Updated 4 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
FunnyWolf / pystinger
View on GitHub
Bypass firewall for traffic forwarding using webshell
☆1,431Sep 29, 2021Updated 4 years ago
wh1t3p1g / ysomap
View on GitHub
A helpful Java Deserialization exploit framework.
☆1,242Feb 17, 2025Updated last year
Y4er / fastjson-bypass-autotype-1.2.68
View on GitHub
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
☆229Oct 12, 2022Updated 3 years ago
threedr3am / ZhouYu
View on GitHub
（周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
☆614Dec 29, 2021Updated 4 years ago
uknowsec / frpModify
View on GitHub
修改frp支持域前置与配置文件自删除
☆397Dec 31, 2020Updated 5 years ago
lufeirider / BypassShell
View on GitHub
anti AV
☆291Mar 12, 2020Updated 6 years ago
tobechenghuai / Shiro_721_Padding_Oracle_RCE
View on GitHub
Shiro_721 exp 纯手工实现Padding Oracle整个过程
☆67Nov 20, 2019Updated 6 years ago