jas502n/SpringBoot_Actuator_RCE

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jas502n/SpringBoot_Actuator_RCE)

jas502n / SpringBoot_Actuator_RCE

SpringBoot_Actuator_RCE

☆95

Alternatives and similar repositories for SpringBoot_Actuator_RCE

Users that are interested in SpringBoot_Actuator_RCE are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

r00tuser111 / ActuatorExploitTools
View on GitHub
一款用于攻击spring boot actuator的集成环境，目前集成三种攻击方式，支持1.x、2.x
☆85Jul 26, 2021Updated 4 years ago
w1u0u1 / exec
View on GitHub
Use current thread token to execute command
☆15Jan 27, 2021Updated 5 years ago
dpu / coremail-address-book
View on GitHub
📧Coremail邮件系统组织通讯录导出脚本
☆158Sep 28, 2021Updated 4 years ago
LFYSec / ActuatorExploit
View on GitHub
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
☆231Dec 5, 2020Updated 5 years ago
threedr3am / tomcat-cluster-session-sync-exp
View on GitHub
tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包，可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
☆213May 19, 2020Updated 6 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
iSafeBlue / fastjson-autotype-bypass-demo
View on GitHub
fastjson 1.2.68 版本 autotype bypass
☆142Jun 17, 2022Updated 3 years ago
Veraxy00 / Jumpserver-EXP
View on GitHub
JumpServer远程代码执行漏洞检测利用脚本
☆204Feb 9, 2021Updated 5 years ago
threedr3am / ZhouYu
View on GitHub
（周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
☆615Dec 29, 2021Updated 4 years ago
Veraxy00 / Shiro-EXP
View on GitHub
Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
☆138Jan 20, 2021Updated 5 years ago
Ares-X / shiro-exploit
View on GitHub
Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload
☆891May 28, 2021Updated 5 years ago
jas502n / jackson-CVE-2020-8840
View on GitHub
FasterXML/jackson-databind 远程代码执行漏洞
☆73Feb 21, 2020Updated 6 years ago
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆532Aug 25, 2020Updated 5 years ago
dr0op / shiro-550-with-NoCC
View on GitHub
Shiro-550 不依赖CC链利用工具
☆449Jun 19, 2024Updated last year
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,013Oct 15, 2020Updated 5 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
iceyhexman / flask_memory_shell
View on GitHub
Flask 内存马
☆314Mar 26, 2021Updated 5 years ago
r35tart / RedisWriteFile
View on GitHub
通过 Redis 主从写出无损文件
☆717May 25, 2020Updated 6 years ago
idiotc4t / sharpwmi
View on GitHub
(批量化改造)sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
☆109Jan 8, 2021Updated 5 years ago
uknowsec / SharpToolsAggressor
View on GitHub
内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
☆499Feb 13, 2020Updated 6 years ago
Slzdude / behinder_source
View on GitHub
Behinder3.0 Beta4 源码（Decompile and Fixed）
☆207Sep 1, 2020Updated 5 years ago
jas502n / xxl-job
View on GitHub
xxl-job RESTful API RCE
☆73Jul 1, 2021Updated 4 years ago
1120362990 / vulnerability-list
View on GitHub
在渗透测试中快速检测常见中间件、组件的高危漏洞。
☆724Mar 21, 2022Updated 4 years ago
bit4woo / Burp_Extender_random_X-Forward-For
View on GitHub
a Burp Extender that add an random X-Forward-For IP address for each request
☆31Aug 12, 2016Updated 9 years ago
mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
View on GitHub
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
☆54Sep 11, 2021Updated 4 years ago
End-to-end encrypted cloud storage - Proton Drive • Ad
Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
Y4er / CVE-2020-2551
View on GitHub
Weblogic IIOP CVE-2020-2551
☆337Apr 7, 2020Updated 6 years ago
jas502n / CVE-2020-5902
View on GitHub
CVE-2020-5902 BIG-IP
☆374Oct 13, 2021Updated 4 years ago
TheKingOfDuck / JNDI-Injection-Exploit
View on GitHub
JNDI注入测试工具改版（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,et…
☆48Nov 14, 2020Updated 5 years ago
Y4er / yaml-payload
View on GitHub
Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg
☆136Sep 24, 2020Updated 5 years ago
360-Linton-Lab / Telemetry
View on GitHub
WINDOWS TELEMETRY权限维持
☆258Jul 2, 2020Updated 5 years ago
feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,958Jun 4, 2021Updated 5 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,018May 21, 2024Updated 2 years ago
euphrat1ca / CVE-2020-0618
View on GitHub
SQL Server Reporting Services(CVE-2020-0618)中的RCE
☆195Feb 15, 2020Updated 6 years ago
TheKingOfDuck / paramFuzzer
View on GitHub
一款高效的参数fuzz工具|A faster param fuzzing test tool
☆104Nov 8, 2020Updated 5 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
jas502n / Shiro_Xray
View on GitHub
CommonsBeanutils1,CommonsCollectionsK1
☆58Nov 16, 2020Updated 5 years ago
safe6Sec / Fastjson
View on GitHub
Fastjson姿势技巧集合
☆1,848Oct 20, 2023Updated 2 years ago
jas502n / CVE-2020-8193
View on GitHub
Citrix ADC Vulns
☆86Jul 10, 2020Updated 5 years ago
Y4er / CVE-2020-2883
View on GitHub
Weblogic coherence.jar RCE
☆176May 10, 2020Updated 6 years ago
20200629 / openfire_shells
View on GitHub
后台插件getshell
☆50Dec 4, 2021Updated 4 years ago
Y4er / CVE-2020-2555
View on GitHub
Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
☆176Dec 15, 2022Updated 3 years ago
dr0op / WeblogicScan
View on GitHub
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
☆962Jun 16, 2024Updated last year