SpringBoot_Actuator_RCE
☆95May 26, 2020Updated 5 years ago
Alternatives and similar repositories for SpringBoot_Actuator_RCE
Users that are interested in SpringBoot_Actuator_RCE are comparing it to the libraries listed below
Sorting:
- 一款用于攻击spring boot actuator的集成环境,目前集成三种攻击方式,支持1.x、2.x☆86Jul 26, 2021Updated 4 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- 📧Coremail邮件系统组织通讯录导出脚本☆158Sep 28, 2021Updated 4 years ago
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆230Dec 5, 2020Updated 5 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- JumpServer远程代码执行漏洞检测利用脚本☆204Feb 9, 2021Updated 5 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Dec 29, 2021Updated 4 years ago
- Apache Shiro 反序列��化漏洞检测与利用工具,一键注入内存马☆138Jan 20, 2021Updated 5 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆896May 28, 2021Updated 4 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆73Feb 21, 2020Updated 6 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- Java RCE 回显测试代码☆1,015Oct 15, 2020Updated 5 years ago
- Flask 内存马☆314Mar 26, 2021Updated 4 years ago
- 通过 Redis 主从写出无损文件☆718May 25, 2020Updated 5 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago
- 内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~☆499Feb 13, 2020Updated 6 years ago
- Behinder3.0 Beta4 源码(Decompile and Fixed)☆207Sep 1, 2020Updated 5 years ago
- xxl-job RESTful API RCE☆74Jul 1, 2021Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 4 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆54Sep 11, 2021Updated 4 years ago
- a Burp Extender that add an random X-Forward-For IP address for each request☆31Aug 12, 2016Updated 9 years ago
- Weblogic IIOP CVE-2020-2551☆338Apr 7, 2020Updated 5 years ago
- CVE-2020-5902 BIG-IP☆374Oct 13, 2021Updated 4 years ago
- JNDI注入测试工具改版(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,et…☆48Nov 14, 2020Updated 5 years ago
- Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg☆136Sep 24, 2020Updated 5 years ago
- WINDOWS TELEMETRY权限维持☆258Jul 2, 2020Updated 5 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,953Jun 4, 2021Updated 4 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- 一款高效的参数fuzz工具|A faster param fuzzing test tool☆103Nov 8, 2020Updated 5 years ago
- SQL Server Reporting Services(CVE-2020-0618)中的RCE☆198Feb 15, 2020Updated 6 years ago
- CommonsBeanutils1,CommonsCollectionsK1☆58Nov 16, 2020Updated 5 years ago
- Citrix ADC Vulns☆86Jul 10, 2020Updated 5 years ago
- Fastjson姿势技巧集合☆1,833Oct 20, 2023Updated 2 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- 后台插件getshell☆50Dec 4, 2021Updated 4 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Dec 15, 2022Updated 3 years ago
- 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持☆967Jun 16, 2024Updated last year