jas502n / JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
☆30Updated 3 years ago
Alternatives and similar repositories for JNDIExploit-1:
Users that are interested in JNDIExploit-1 are comparing it to the libraries listed below
- 2020年~2021年 网站CMS、中间件、框架系统漏洞集合☆36Updated 4 years ago
- ThinkPHP各版本反序列化利用代码☆32Updated 4 years ago
- ☆42Updated 5 years ago
- X安蜜罐用的一些存在JSonp劫持的API☆93Updated 3 years ago
- CobatStrike-Script, Beacon上线,微信实时推送!☆44Updated 5 years ago
- CVE-2021-4034, For Webshell Version.☆34Updated 3 years ago
- springboot getRequestURI acl bypass☆37Updated 4 years ago
- Java RMI反序列化漏洞插件☆47Updated 3 years ago
- CommonsBeanutils1,CommonsCollectionsK1☆58Updated 4 years ago
- 宽字节安全团队的博客☆30Updated 4 years ago
- e-mesaage <=4.15 后台jar包上传exp☆47Updated 6 years ago
- 清除基于java agent木马☆78Updated 4 years ago
- 魔改的冰蝎,仅供测试连接内存webshell使用☆38Updated 4 years ago
- "打一枪换一个地方" 一个HTTP代理☆41Updated 5 years ago
- Apache Shiro payload AES解密☆28Updated 4 years ago
- 通过burp代理流量寻找shiro站点☆60Updated 4 years ago
- 卸载冰蝎内存马☆67Updated 4 years ago
- 使用java agent反序列化注入内存shell☆67Updated 4 years ago
- shiro 反序列化 回显检测☆39Updated 3 years ago
- JVM runtime class loading protection agent.(JVM类加载保护agent)☆48Updated 4 years ago
- jre8u20 gadget☆33Updated 3 years ago
- Celestion 是一个无回显漏洞测试辅助平台,平台使用flask编写,提供DNSLOG,HTTPLOG等功能。 (界面懒得弄,后续有需要再说)。☆30Updated last year
- ☆46Updated 3 years ago
- 一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。☆56Updated 5 years ago
- log4j-patch 修改字节码实现补丁防御☆20Updated 3 years ago
- NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script☆87Updated 3 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Updated 3 years ago
- ☆4Updated 4 years ago
- Yapi RCE漏洞批量验证与伪交互SHELL☆41Updated 3 years ago
- weblogic-framework☆45Updated 3 years ago