lz2y / DubboPOC

Apache Dubbo漏洞测试Demo及其POC

☆61

Related projects ⓘ

Alternatives and complementary repositories for DubboPOC

yuligesec / watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
☆31Updated last month
Le1a / CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
☆76Updated last year
kyo-w / Spel-research
Spel-research
☆24Updated 2 years ago
threedr3am / dubbo-exp
dubbo快速利用exp，基本上老版本覆盖100%。
☆102Updated 10 months ago
ax1sX / MemShell
MemShell List
☆78Updated last year
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆50Updated last year
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆78Updated 2 years ago
wh1t3p1g / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆30Updated last week
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆67Updated last year
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆30Updated 2 years ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆95Updated 2 years ago
hosch3n / FastjsonVulns
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆90Updated 2 years ago
AfterSnows / ApricusFindEvil
检测查杀java内存马
☆74Updated 11 months ago
KpLi0rn / ShiroVulnEnv
Shiro内存马注入环境
☆58Updated 3 years ago
webraybtl / ysoserialbtl
基于ysoserial扩展命令执行结果回显，生成冰蝎内存马
☆85Updated last year
KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 3 years ago
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆51Updated last month
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆90Updated 2 years ago
turn1tup / JvmRaspBypass
☆4Updated 2 years ago
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆158Updated 2 months ago
keven1z / simpleIAST
simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。
☆13Updated last week
longofo / Apache-Dubbo-Hessian2-CVE-2021-43297
Apache Dubbo Hessian2 CVE-2021-43297 demo
☆46Updated 2 years ago
cckuailong / YarnRpcRCE
☆81Updated 3 years ago
TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆44Updated last month
wh1t3p1g / tabby-vul-finder
A vul-finder for loading CPG and automated finding vul-call-chains
☆35Updated last month
0linlin0 / Java
java
☆54Updated last year
godzeo / go-gin-vul
GO语言漏洞靶场 GIN框架支持docker一键启动
☆75Updated last year
K1p2y3 / Tencent_Yun_tools
☁️Tencent Cloud AccessKey tools
☆16Updated 4 months ago
pho3n1x-web / HTTPServerGO
这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具，能够执行shell命令,可以执行webshell
☆70Updated last year