kingkaki / Struts2-VulenvLinks
struts2 漏洞环境源代码
☆75Updated 3 years ago
Alternatives and similar repositories for Struts2-Vulenv
Users that are interested in Struts2-Vulenv are comparing it to the libraries listed below
Sorting:
- 关于Struts2框架的历史漏洞个人分析文章☆54Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆141Updated 3 years ago
- 又一款敏感文件泄漏检测工具☆105Updated 6 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆102Updated 5 years ago
- RMI 反序列化环境 一步步☆215Updated 5 years ago
- ☆61Updated 5 years ago
- 收集整理一些漏洞,利用方法,poc等等,方便快速查阅☆59Updated 4 years ago
- ☆142Updated 4 years ago
- Shiro RememberMe 1.2.4 反序列化 漏洞☆55Updated 5 years ago
- RememberMe Padding Oracle Vulnerability RCE☆71Updated 5 years ago
- WebLogic EJBTaglibDescriptor XXE漏洞(CVE-2019-2888)☆59Updated 5 years ago
- Reference:https://www.w2n1ck.com/article/44/☆155Updated 5 years ago
- Test repository for verifying compatibility between adjacent minor versions☆36Updated 6 months ago
- ☆58Updated 5 years ago
- 一款高效的参数fuzz工具|A faster param fuzzing test tool☆102Updated 4 years ago
- Redis RCE 的几种方法☆90Updated last year
- 又一个Java Web代码审计工具☆100Updated 7 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Updated 6 years ago
- 🐸fingerprint detect framework 批量深度指纹识别框架☆121Updated 2 years ago
- ☆58Updated 5 years ago
- bypass JEP290 RaspHook code☆62Updated 5 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆227Updated 2 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213Updated 5 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Updated 5 years ago
- DSO-Lab 漏洞研究成果整理☆83Updated 3 years ago
- CAS 硬编码 远程代码执行漏洞☆126Updated 4 years ago
- TongASDP漏洞测试环境☆35Updated 2 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 5 years ago
- xxl-job RESTful API RCE☆72Updated 4 years ago
- Java After-Deserialization Attack☆79Updated 4 years ago