langligelang / maobugsView external linksLinks
java 漏洞平台包含各种CVE
☆23Jun 17, 2022Updated 3 years ago
Alternatives and similar repositories for maobugs
Users that are interested in maobugs are comparing it to the libraries listed below
Sorting:
- POC for XStream RCE☆13Dec 23, 2013Updated 12 years ago
- ☆41Mar 10, 2021Updated 4 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Jul 12, 2021Updated 4 years ago
- 后渗透持久化控制平台; Windows Persistence Platform;☆46Sep 16, 2021Updated 4 years ago
- 宽字节安全团队的博客☆31Mar 29, 2021Updated 4 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- 攻击Java Web应用-[Java Web安全]☆12Dec 10, 2019Updated 6 years ago
- Environment for CVE-2018-1273 (Spring Data Commons)☆10Aug 15, 2018Updated 7 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- 国密SM2/SM3/SM4加解密工具☆14May 9, 2022Updated 3 years ago
- ☆12Aug 5, 2021Updated 4 years ago
- ☆12May 9, 2017Updated 8 years ago
- 能过卡巴、核晶、defender等杀软的dump lsass进程工具☆12Sep 25, 2022Updated 3 years ago
- Discuz3.x代码注入☆11Jul 14, 2019Updated 6 years ago
- CVE-2020-13933 靶场: shiro 认证绕过漏洞☆14Apr 9, 2023Updated 2 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- Redis RCE 的几种方法☆90Jun 5, 2024Updated last year
- CAS 硬编码 远程代码执行漏洞☆125Jun 4, 2021Updated 4 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- ☆61Sep 21, 2020Updated 5 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆269Mar 4, 2022Updated 3 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Mar 2, 2020Updated 5 years ago
- Example nginx backdoor via malicious plugin☆48Mar 3, 2022Updated 3 years ago
- redteam Build platform☆19Nov 13, 2023Updated 2 years ago
- 使用docker-compose一键快速搭建ezXSS环境☆19Aug 26, 2020Updated 5 years ago
- Winning submission for the GitHub Security Lab CTF 4: CodeQL and Chill - The Java Edition☆19Jun 25, 2020Updated 5 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- 利用链、漏洞检测工具☆373Jul 31, 2024Updated last year
- 渗透技术栈☆20May 28, 2019Updated 6 years ago
- This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).☆17Jun 4, 2021Updated 4 years ago
- masscan cgo demo☆20Jul 23, 2021Updated 4 years ago
- ☆44Oct 23, 2022Updated 3 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 6 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆125Jul 17, 2020Updated 5 years ago
- solution to buggyLoader of 0CTF/TCTF 2021 Finals☆20Sep 27, 2021Updated 4 years ago
- My solution for GitHub Security Lab CTF 4: CodeQL and Chill - The Java Edition☆19Jun 10, 2020Updated 5 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- JVM runtime class loading protection agent.(JVM类加载保护agent)☆49Mar 25, 2021Updated 4 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆183Apr 23, 2021Updated 4 years ago