SpringBoot_Actuator_RCE
☆95May 26, 2020Updated 5 years ago
Alternatives and similar repositories for SpringBoot_Actuator_RCE
Users that are interested in SpringBoot_Actuator_RCE are comparing it to the libraries listed below
Sorting:
- 一款用于攻击spring boot actuator的集成环境,目前集成三种攻击方式,支持1.x、2.x☆86Jul 26, 2021Updated 4 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆230Dec 5, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆202Feb 9, 2021Updated 5 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或�特定场景下的漏洞。☆11Apr 2, 2021Updated 4 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆897May 28, 2021Updated 4 years ago
- Shiro-550 不依赖CC链利用工具☆451Jun 19, 2024Updated last year
- Apache Shiro 反序列化漏洞检测与利用工具,一键注入内存马☆138Jan 20, 2021Updated 5 years ago
- Weblogic IIOP CVE-2020-2551☆339Apr 7, 2020Updated 5 years ago
- Flask 内存马☆313Mar 26, 2021Updated 4 years ago
- 扫描常见未授权访问(改)(redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop)☆15Aug 4, 2020Updated 5 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 3 years ago
- CVE-2020-5902 BIG-IP☆374Oct 13, 2021Updated 4 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆73Feb 21, 2020Updated 6 years ago
- Redis RCE 的几种方法☆90Jun 5, 2024Updated last year
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆498Feb 13, 2020Updated 6 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago
- 通过 Redis 主从写出无损文件☆719May 25, 2020Updated 5 years ago
- Behinder3.0 Beta4 源码(Decompile and Fixed)☆207Sep 1, 2020Updated 5 years ago
- 一款高效的参数fuzz工具|A faster param fuzzing test tool☆103Nov 8, 2020Updated 5 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- Spring Cloud SnakeYAML 反序列化一键注�入cmdshell和reGeorg☆135Sep 24, 2020Updated 5 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,950Jun 4, 2021Updated 4 years ago
- a Burp Extender that add an random X-Forward-For IP address for each request☆31Aug 12, 2016Updated 9 years ago
- xss漏洞模糊测试payload的最佳集合 2020版☆511May 25, 2020Updated 5 years ago
- JNDI注入测试工具改版(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,et…☆49Nov 14, 2020Updated 5 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Dec 15, 2022Updated 3 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,433May 21, 2024Updated last year
- WINDOWS TELEMETRY权限维持☆257Jul 2, 2020Updated 5 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆968Jun 16, 2024Updated last year
- Fastjson姿势技巧集合☆1,825Oct 20, 2023Updated 2 years ago
- 帆软/致远密码解密工具☆360Jul 29, 2021Updated 4 years ago
- 后台插件getshell☆50Dec 4, 2021Updated 4 years ago