mogwailabs / rmi-deserializationLinks
Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
☆101Updated 5 years ago
Alternatives and similar repositories for rmi-deserialization
Users that are interested in rmi-deserialization are comparing it to the libraries listed below
Sorting:
- ☆111Updated 5 years ago
- ☆73Updated 3 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆114Updated 4 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆73Updated 11 years ago
- ☆58Updated 5 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆89Updated 5 years ago
- cve-2020-0688☆164Updated 5 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆152Updated 6 years ago
- Native Java serialization filter blacklist for common gadgets☆20Updated 5 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆74Updated 5 years ago
- ☆78Updated 4 years ago
- poison and relay NTLM credentials☆175Updated 6 years ago
- GreHack 2021 CodeQL for Java workshop☆75Updated 3 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Updated 6 years ago
- Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0☆83Updated 6 years ago
- laravel 5.8 rce pop chain☆25Updated 5 years ago
- A command-line fuzzer for the Apache JServ Protocol (ajp13)☆95Updated 2 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Updated 6 years ago
- Papers☆34Updated 5 years ago
- django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC☆104Updated 5 years ago
- fastjson-1.2.47☆66Updated 6 years ago
- ☆85Updated 5 years ago
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12☆95Updated 2 years ago
- ☆147Updated 6 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Updated 5 years ago
- POC for leaking java version through file and ftp protocols☆24Updated 4 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE☆106Updated 6 years ago
- GitLab 11.4.7 SSRF配合redis远程执行代码☆123Updated 6 years ago
- bypass JEP290 RaspHook code☆62Updated 4 years ago
- Weblogic coherence.jar RCE☆177Updated 5 years ago