kezibei/fastjson_payload external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

kezibei/fastjson_payload

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/kezibei/fastjson_payload)

Close

kezibei / fastjson_payloadView on GitHubMore

• External links
• Readme badge

☆239Feb 24, 2026Updated last week

Alternatives and similar repositories for fastjson_payload

Users that are interested in fastjson_payload are comparing it to the libraries listed below

• Lonely-night / fastjsonVul

  View on GitHub
  fastjson 80 远程代码执行漏洞复现
  ☆199Sep 7, 2022Updated 3 years ago
• su18 / hack-fastjson-1.2.80

  View on GitHub
  ☆524Sep 16, 2022Updated 3 years ago
• kezibei / Urldns

  View on GitHub
  ☆342Oct 11, 2025Updated 4 months ago
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆437May 22, 2025Updated 9 months ago
• BeichenDream / InjectJDBC

  View on GitHub
  注入JVM进程 动态获取目标进程连接的数据库
  ☆342Mar 6, 2022Updated 3 years ago
• hosch3n / FastjsonVulns

  View on GitHub
  [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
  ☆91Sep 2, 2022Updated 3 years ago
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 4 years ago
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆506May 20, 2022Updated 3 years ago
• yzddmr6 / Java-Js-Engine-Payloads

  View on GitHub
  Java Js Engine Payloads All in one
  ☆289Aug 21, 2023Updated 2 years ago
• Bl0omZ / JNDIEXP

  View on GitHub
  JNDI在java高版本的利用工具,FUZZ利用链
  ☆597Oct 8, 2022Updated 3 years ago
• corener / JavaPassDump

  View on GitHub
  JavaPassDump
  ☆272Jan 7, 2022Updated 4 years ago
• cckuailong / JNDI-Injection-Exploit-Plus

  View on GitHub
  80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…
  ☆866Jun 24, 2024Updated last year
• exp1orer / JNDI-Inject-Exploit

  View on GitHub
  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
  ☆770Jan 26, 2022Updated 4 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,016Oct 15, 2020Updated 5 years ago
• f0ng / JavaFileDict

  View on GitHub
  Java应用的一些配置文件字典，来源于公开的字典与平时收集
  ☆321Feb 1, 2024Updated 2 years ago
• depycode / fastjson-local-echo

  View on GitHub
  基于dbcp的fastjson rce 回显
  ☆197Jun 28, 2021Updated 4 years ago
• passer-W / snakeyaml-memshell

  View on GitHub
  springboot跨线程注入内存马
  ☆123Apr 10, 2022Updated 3 years ago
• threedr3am / ZhouYu

  View on GitHub
  （周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
  ☆615Dec 29, 2021Updated 4 years ago
• safe6Sec / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆1,825Oct 20, 2023Updated 2 years ago
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,157Aug 21, 2025Updated 6 months ago
• BeichenDream / Chunk-Proxy

  View on GitHub
  ☆295May 7, 2022Updated 3 years ago
• Y4er / ysoserial

  View on GitHub
  ysoserial修改版，着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。
  ☆753Jan 11, 2024Updated 2 years ago
• a1phaboy / FastjsonScan

  View on GitHub
  Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
  ☆1,050Oct 7, 2022Updated 3 years ago
• lz2y / yaml-payload-for-ruoyi

  View on GitHub
  A memory shell for ruoyi
  ☆266Apr 28, 2023Updated 2 years ago
• A0WaQ4 / HexDnsEchoT

  View on GitHub
  命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）
  ☆292Aug 20, 2023Updated 2 years ago
• su18 / JDBC-Attack

  View on GitHub
  JDBC Connection URL Attack
  ☆440Sep 10, 2021Updated 4 years ago
• BeichenDream / CVE-2022-26134-Godzilla-MEMSHELL

  View on GitHub
  ☆342Jun 7, 2022Updated 3 years ago
• Lotus6 / JavaGadgetGenerator

  View on GitHub
  JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
  ☆549Dec 7, 2025Updated 2 months ago
• sv3nbeast / DnslogCmdEcho

  View on GitHub
  命令执行不回显但DNS协议出网的命令回显场景解决方案
  ☆277Jan 10, 2023Updated 3 years ago
• Hutt0n0 / ActiveMqRCE

  View on GitHub
  用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
  ☆288Nov 20, 2023Updated 2 years ago
• BeichenDream / GodzillaMemoryShellProject

  View on GitHub
  ☆307Feb 27, 2025Updated last year
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆243May 8, 2024Updated last year
• yuyan-sec / RedisEXP

  View on GitHub
  Redis 漏洞利用工具
  ☆938Jan 26, 2025Updated last year
• ax1sX / SpringSecurity

  View on GitHub
  A list for Spring Security
  ☆128Jan 16, 2024Updated 2 years ago
• vulhub / java-chains

  View on GitHub
  Java Vulnerability Exploitation Platform
  ☆1,990Jan 6, 2026Updated last month
• Ridter / PySQLTools

  View on GitHub
  Mssql利用工具
  ☆276Aug 7, 2023Updated 2 years ago
• turn1tup / JspEncounter

  View on GitHub
  ☆122Jun 7, 2023Updated 2 years ago
• ax1sX / SecurityList

  View on GitHub
  A list for Web Security and Code Audit
  ☆1,214Dec 3, 2024Updated last year
• depycode / fastjson-c3p0

  View on GitHub
  fastjson不出网利用、c3p0
  ☆256Jul 30, 2021Updated 4 years ago