luelueking / Deserial_Sink_With_JDBCLinks
Some ReadObject Sink With JDBC
☆240Updated last year
Alternatives and similar repositories for Deserial_Sink_With_JDBC
Users that are interested in Deserial_Sink_With_JDBC are comparing it to the libraries listed below
Sorting:
- Java Js Engine Payloads All in one☆287Updated 2 years ago
- Java表达式语句生成器☆193Updated 2 years ago
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆318Updated last year
- proof-of-concept for generating Java deserialization payload | Proxy MemShell☆219Updated last year
- 无需文件落地Agent内存马生成器☆246Updated last year
- Java web路由内存分析工具☆437Updated 7 months ago
- 不那么一样的 Java Agent 内存马☆288Updated 2 years ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆100Updated last year
- ☆229Updated 6 months ago
- A Java Route Collection Tool☆102Updated last year
- javaDeserializeLabs☆70Updated 2 years ago
- 2023白帽补天大会部分代码☆129Updated last year
- 一个专注于 Java Web 特性、配置和 Trick 的安全谜题集合☆107Updated last week
- JavaSec☆42Updated last year
- java-web 自动化鉴权绕过☆371Updated 8 months ago
- 用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入☆285Updated 2 years ago
- 是一些比赛中的好题,加上自己出的一些。。。☆43Updated 3 years ago
- fastjson 80 远程代码执行漏洞复现☆200Updated 3 years ago
- ☆339Updated 2 months ago
- ☆249Updated last year
- CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段☆273Updated last year
- evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.☆97Updated 3 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆455Updated 11 months ago
- 命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)☆292Updated 2 years ago
- 记录一些代码审计过的源码☆180Updated 9 months ago
- CodeQL分析闭源Jar包脚本,基于Apache Ant构建CodeQL数据库☆40Updated 3 years ago
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆171Updated 2 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆68Updated 5 months ago
- dubbo快速利用exp,基本上老版本覆盖100%。☆160Updated 5 months ago
- A neo4j procedure for tabby☆136Updated 7 months ago