lz2y / DubboPOCLinks

Apache Dubbo漏洞测试Demo及其POC

☆65

Alternatives and similar repositories for DubboPOC

Users that are interested in DubboPOC are comparing it to the libraries listed below

Sorting:

ax1sX / SpringSecurity
A list for Spring Security
☆125Updated last year
TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆48Updated 3 months ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
hosch3n / FastjsonVulns
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆91Updated 3 years ago
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆39Updated last year
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆44Updated 3 years ago
turn1tup / JvmRaspBypass
☆17Updated 3 years ago
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆72Updated 2 months ago
pacemrc / VulDebug
Java漏洞调试分析集合
☆91Updated last year
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆79Updated 3 years ago
yuligesec / watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
☆31Updated last year
zhzhdoai / flowspot-intellij-plugin
IntelliJ IDEA plugin for static code analysis powered by Joern.
☆62Updated last month
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆155Updated last year
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆66Updated 3 years ago
cwkiller / ClassLinefix
Java bytecode line number restoration tool
☆118Updated 4 months ago
longofo / Apache-Dubbo-Hessian2-CVE-2021-43297
Apache Dubbo Hessian2 CVE-2021-43297 demo
☆46Updated 3 years ago
cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆142Updated 6 months ago
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆71Updated last year
KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 4 years ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆104Updated 4 years ago
0linlin0 / Java
java
☆54Updated 2 years ago
passer-W / snakeyaml-memshell
springboot跨线程注入内存马
☆123Updated 3 years ago
kyo-w / Spel-research
Spel-research
☆26Updated 3 years ago
0xrumble / BytecodeScreen
☆50Updated 3 years ago
Rvn0xsy / DumperAnalyze
通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
☆115Updated last year
sf197 / MemoryShellHunter
Java Agent memory horse scanner combined with Call Graph modus
☆65Updated 3 years ago
BeichenDream / JDR
☆145Updated 2 years ago
SummerSec / LookupInterface
CodeQL 寻找 JNDI利用 Lookup接口
☆166Updated 3 years ago
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Updated 10 months ago
yyhuni / shiroMemshell
利用shiro反序列化注入冰蝎内存马
☆37Updated 4 years ago