mogwailabs / rmi-deserializationLinks
Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
☆100Updated 5 years ago
Alternatives and similar repositories for rmi-deserialization
Users that are interested in rmi-deserialization are comparing it to the libraries listed below
Sorting:
- ☆111Updated 5 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆73Updated 11 years ago
- ☆73Updated 3 years ago
- cve-2020-0688☆164Updated 5 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆114Updated 4 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆89Updated 5 years ago
- Native Java serialization filter blacklist for common gadgets☆20Updated 5 years ago
- ☆58Updated 5 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Updated 6 years ago
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12☆95Updated 2 years ago
- GitLab 11.4.7 SSRF配合redis远程执行代码☆123Updated 6 years ago
- poison and relay NTLM credentials☆175Updated 6 years ago
- A command-line fuzzer for the Apache JServ Protocol (ajp13)☆93Updated 2 years ago
- CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC☆86Updated 2 years ago
- Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0☆83Updated 5 years ago
- Weblogic coherence.jar RCE☆177Updated 5 years ago
- fastjson-1.2.47☆66Updated 5 years ago
- A fake JDBC driver that allows OS command execution.☆125Updated 2 years ago
- Papers☆34Updated 5 years ago
- ☆85Updated 5 years ago
- ☆78Updated 4 years ago
- POC for CVE-2018-1273☆24Updated 7 years ago
- GreHack 2021 CodeQL for Java workshop☆75Updated 3 years ago
- ☆147Updated 6 years ago
- django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC☆104Updated 5 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE☆106Updated 6 years ago
- ☆101Updated last year
- CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE☆62Updated 2 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆152Updated 6 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Updated 5 years ago