mogwaisec / mjet
Mogwai Java Management Extensions (JMX) Exploitation Toolkit
☆172Updated 8 years ago
Related projects: ⓘ
- JRE8u20_RCE_Gadget☆251Updated 8 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆209Updated 5 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆349Updated 2 years ago
- CVE-2018-2893-PoC☆104Updated 5 years ago
- poison and relay NTLM credentials☆172Updated 5 years ago
- A Java serializer in JavaScript☆82Updated 6 years ago
- CVE-2019-3396 confluence SSTI RCE☆173Updated 3 years ago
- YSOSERIAL Integration with burp suite☆160Updated last year
- CVE-2018-3245-PoC☆167Updated 3 years ago
- CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script☆135Updated 6 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 5 years ago
- Central Repo for Burp extensions☆146Updated 2 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Updated 5 years ago
- procfs-based PHP sandbox bypass☆133Updated 6 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆216Updated 7 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆149Updated 5 years ago
- ☆112Updated this week
- Apache Tomcat Remote Code Execution on Windows☆185Updated 4 years ago
- WSDL Parser extension for Burp☆206Updated 6 years ago
- A static byte code analyzer for Java deserialization gadget research☆242Updated 7 years ago
- ☆130Updated this week
- (Deprecated) HQLmap, Automatic tool to exploit HQL injections☆223Updated 4 years ago
- java unserialize vul for weblogic exploit☆177Updated 6 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Updated 4 years ago
- A tool that checks and downloads scripts that will aid with privilege escalation on a Windows system.☆170Updated 8 years ago
- JNDI Attacking Tool☆236Updated 2 years ago
- Java serialization brute force attack tool.☆123Updated 7 years ago
- CVE-2018-7600 - Drupal 7.x RCE☆71Updated 6 years ago
- Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)☆125Updated 2 years ago
- Creates a SOCK proxy server that transmits data over an SSRF vulnerability☆115Updated 12 years ago