longofo / Apache-Dubbo-Hessian2-CVE-2021-43297

Related projects ⓘ

Alternatives and complementary repositories for Apache-Dubbo-Hessian2-CVE-2021-43297

• bitterzzZZ / CVE-2021-43297-POC
  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
  ☆38Updated 2 years ago
• hosch3n / FastjsonVulns
  [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
  ☆90Updated 2 years ago
• SummerSec / LookupInterface
  CodeQL 寻找 JNDI利用 Lookup接口
  ☆161Updated 2 years ago
• 0xrumble / BytecodeScreen
  ☆51Updated 2 years ago
• 0linlin0 / Java
  java
  ☆54Updated last year
• K1p2y3 / Tencent_Yun_tools
  ☁️Tencent Cloud AccessKey tools
  ☆16Updated 3 months ago
• wuppp / releaseBehinderShell
  卸载冰蝎内存马
  ☆68Updated 3 years ago
• KpLi0rn / ysoserial
  在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆68Updated 3 years ago
• woodpecker-framework / woodpecker-requests
  woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
  ☆67Updated last year
• HackJava / Spring
  《Spring漏洞研究》
  ☆44Updated 2 years ago
• woodpecker-appstore / java-memshell-generator
  Java 内存马生成插件
  ☆49Updated last year
• lz2y / DubboPOC
  Apache Dubbo漏洞测试Demo及其POC
  ☆61Updated last year
• kyo-w / Spel-research
  Spel-research
  ☆24Updated 2 years ago
• cckuailong / YarnRpcRCE
  ☆81Updated 2 years ago
• OneSourceCat / XxlJob-Hessian-RCE
  XxlJob<=2.1.2配置不当情况下反序列化RCE
  ☆70Updated 4 years ago
• Firebasky / GoRmi
  该项目是通过go语言实现防止rmi利用被反置的问题。
  ☆44Updated 2 years ago
• turn1tup / JvmRaspBypass
  ☆4Updated 2 years ago
• zhzhdoai / Weblogic_Vuln
  CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC
  ☆17Updated 4 years ago
• xhycccc / Shiro-Vuln-Demo
  Shiro漏洞实例源码
  ☆25Updated 3 years ago
• SummerSec / BlogPapers
  <a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…
  ☆53Updated this week
• passer-W / snakeyaml-memshell
  springboot跨线程注入内存马
  ☆114Updated 2 years ago
• tangxiaofeng7 / Spring-Cloud-Function-Spel
  Spring Cloud Function Spel命令执行漏洞
  ☆37Updated 2 years ago
• H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
  Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
  ☆50Updated 2 years ago
• welk1n / FastjsonPocs
  一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
  ☆55Updated 5 years ago
• Lotus6 / FileMonitor
  Java命令行文件监控小工具(代码审计)
  ☆95Updated 2 years ago