mogwailabs / deserialization-filter-blacklists
Native Java serialization filter blacklist for common gadgets
☆20Updated 5 years ago
Alternatives and similar repositories for deserialization-filter-blacklists:
Users that are interested in deserialization-filter-blacklists are comparing it to the libraries listed below
- POC for leaking java version through file and ftp protocols☆24Updated 4 years ago
- A Zhiyuan OA Collaborative Office Remote Code Execution Vulnerability on Windows☆36Updated 5 years ago
- Papers☆34Updated 5 years ago
- Burpsuite Plugin For AES Crack☆37Updated 4 years ago
- Dependencies with Log4j2 Checklist☆35Updated 3 years ago
- 蚁剑其他脚本AES编/解码器☆36Updated 5 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Updated 5 years ago
- 漏洞测试环境 - 方便写扫描器利用复现☆27Updated 5 years ago
- Jira未授权SSRF漏洞☆31Updated 5 years ago
- ☆12Updated 7 years ago
- A fastjson payload generator☆57Updated 4 years ago
- a Burp Extender that add an random X-Forward-For IP address for each request☆31Updated 8 years ago
- ☆19Updated 4 years ago
- CVE-2019-2890 WebLogic 反序列化RCE漏洞☆43Updated 5 years ago
- Proof of concept for Weblogic CVE-2020-2883☆14Updated 4 years ago
- Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information …☆15Updated 2 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆69Updated 4 years ago
- 几条关于CVE-2020-15148(yii2反序列化)的绕过☆76Updated 4 years ago
- ☆58Updated 4 years ago
- autoType enable☆36Updated 5 years ago
- ☆69Updated 6 years ago
- CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process…☆25Updated 4 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆49Updated 3 years ago
- source code of XCTF 2019 Final web task "tfboys"☆29Updated 2 years ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆20Updated 6 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41Updated 3 years ago