its-arun/CVE-2022-39197

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/its-arun/CVE-2022-39197)

its-arun / CVE-2022-39197

CobaltStrike <= 4.7.1 RCE

☆387

Alternatives and similar repositories for CVE-2022-39197

Users that are interested in CVE-2022-39197 are comparing it to the libraries listed below

Sorting:

Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,467Apr 25, 2024Updated last year
burpheart / CVE-2022-39197-patch
View on GitHub
CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch.
☆319Sep 26, 2022Updated 3 years ago
9bie / oss-stinger
View on GitHub
利用oss实现http转发/cobalt strike上线
☆370Nov 26, 2022Updated 3 years ago
KrystianLi / ExchangeOWA
View on GitHub
一款OutLook信息收集工具
☆244May 23, 2023Updated 2 years ago
rebeyond / JNDInjector
View on GitHub
一个高度可定制化的JNDI和Java反序列化利用工具
☆472Jan 17, 2023Updated 3 years ago
veo / wsMemShell
View on GitHub
WebSocket 内存马/Webshell，一种新型内存马/WebShell技术
☆1,490Apr 10, 2023Updated 2 years ago
Ptkatz / OrcaC2
View on GitHub
OrcaC2是一款基于Websocket加密通信的多功能C&C框架，使用Golang实现。
☆676Dec 30, 2022Updated 3 years ago
pen4uin / java-memshell-generator
View on GitHub
一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
☆2,157Aug 21, 2025Updated 6 months ago
seventeenman / CallBackDump
View on GitHub
dump lsass进程工具
☆561Jul 20, 2023Updated 2 years ago
mai1zhi2 / SharpBeacon
View on GitHub
CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
☆730Sep 1, 2021Updated 4 years ago
zema1 / suo5
View on GitHub
高性能 HTTP 正向代理工具 | A high-performance http tunneling tool
☆2,675Feb 2, 2026Updated last month
JDArmy / DCSec
View on GitHub
域控安全one for all
☆736Sep 9, 2024Updated last year
a1phaboy / FastjsonScan
View on GitHub
Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
☆1,049Oct 7, 2022Updated 3 years ago
c0olw / NacosRce
View on GitHub
Nacos JRaft Hessian 反序列化 RCE 加载字节码注入内存马不出网利用
☆847Jul 7, 2023Updated 2 years ago
kyo-w / router-router
View on GitHub
Java web路由内存分析工具
☆438May 22, 2025Updated 9 months ago
uknowsec / SharpSQLTools
View on GitHub
SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
☆964Aug 5, 2021Updated 4 years ago
yuyan-sec / RedisEXP
View on GitHub
Redis 漏洞利用工具
☆938Jan 26, 2025Updated last year
YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
View on GitHub
Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
☆230Aug 8, 2023Updated 2 years ago
shmilylty / netspy
View on GitHub
netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）
☆2,203Jul 25, 2023Updated 2 years ago
Bl0omZ / JNDIEXP
View on GitHub
JNDI在java高版本的利用工具,FUZZ利用链
☆597Oct 8, 2022Updated 3 years ago
BeichenDream / CVE-2022-26134-Godzilla-MEMSHELL
View on GitHub
☆342Jun 7, 2022Updated 3 years ago
komomon / CVE-2022-30190-follina-Office-MSDT-Fixed
View on GitHub
CVE-2022-30190-follina.py-修改版，可以自定义word模板，方便实战中钓鱼使用。
☆394Apr 13, 2023Updated 2 years ago
wyzxxz / heapdump_tool
View on GitHub
heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等
☆1,434May 21, 2024Updated last year
lele8 / SharpUserIP
View on GitHub
获取服务器或域控登录日志
☆276Sep 8, 2023Updated 2 years ago
UzJu / Cloud-Bucket-Leak-Detection-Tools
View on GitHub
六大云存储，泄露利用检测工具
☆1,243Mar 28, 2025Updated 11 months ago
TryGOTry / DogCs4.4
View on GitHub
cs4.4修改去特征狗狗版(美化ui,去除特征,自带bypass核晶截图等..)
☆574Jan 17, 2023Updated 3 years ago
achuna33 / MYExploit
View on GitHub
OAExploit一款基于产品的一键扫描工具。
☆1,481Sep 20, 2022Updated 3 years ago
yzddmr6 / Java-Shellcode-Loader
View on GitHub
基于Java实现的Shellcode加载器
☆414Sep 4, 2023Updated 2 years ago
dr0op / shiro-550-with-NoCC
View on GitHub
Shiro-550 不依赖CC链利用工具
☆450Jun 19, 2024Updated last year
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,011May 21, 2024Updated last year
KimJun1010 / WeblogicTool
View on GitHub
WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
☆1,773Nov 1, 2023Updated 2 years ago
Hutt0n0 / ActiveMqRCE
View on GitHub
用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用内存马注入
☆288Nov 20, 2023Updated 2 years ago
wikiZ / RedGuard
View on GitHub
RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
☆1,561Aug 20, 2024Updated last year
threedr3am / ZhouYu
View on GitHub
（周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
☆615Dec 29, 2021Updated 4 years ago
safe6Sec / Fastjson
View on GitHub
Fastjson姿势技巧集合
☆1,829Oct 20, 2023Updated 2 years ago
corener / JavaPassDump
View on GitHub
JavaPassDump
☆272Jan 7, 2022Updated 4 years ago
wyzxxz / aksk_tool
View on GitHub
AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
☆779Feb 13, 2025Updated last year
ADOOO / Joker
View on GitHub
一款基于Http.sys的利用工具
☆195Nov 7, 2022Updated 3 years ago
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,033Jan 3, 2025Updated last year