mpgn/Spring-Boot-Actuator-Exploit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mpgn/Spring-Boot-Actuator-Exploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mpgn/Spring-Boot-Actuator-Exploit)

Close

mpgn / Spring-Boot-Actuator-ExploitView on GitHubMore

• External links
• Readme badge

Spring Boot Actuator (jolokia) XXE/RCE

☆325Jun 16, 2020Updated 5 years ago

Alternatives and similar repositories for Spring-Boot-Actuator-Exploit

Users that are interested in Spring-Boot-Actuator-Exploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• veracode-research / actuator-testbed

  View on GitHub
  A vulnerable application exposing Spring Boot Actuators
  ☆123Feb 25, 2019Updated 7 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,013Oct 15, 2020Updated 5 years ago
• wyzxxz / jndi_tool

  View on GitHub
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆2,018May 21, 2024Updated 2 years ago
• LandGrey / ClassHound

  View on GitHub
  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
  ☆714May 10, 2021Updated 5 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• c0ny1 / FastjsonExploit

  View on GitHub
  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
  ☆1,403Dec 16, 2022Updated 3 years ago
• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆580Jan 28, 2020Updated 6 years ago
• threedr3am / JSP-WebShells

  View on GitHub
  Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
  ☆1,402Jan 18, 2022Updated 4 years ago
• dr0op / WeblogicScan

  View on GitHub
  增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
  ☆962Jun 16, 2024Updated last year
• threedr3am / learnjavabug

  View on GitHub
  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
  ☆2,693Mar 14, 2024Updated 2 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆483Dec 9, 2020Updated 5 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆519Jul 29, 2020Updated 5 years ago
• LandGrey / domainNamePredictor

  View on GitHub
  一个简单的现代化公司域名使用规律预测及生成工具
  ☆389Feb 24, 2022Updated 4 years ago
• 5up3rc / weblogic_cmd

  View on GitHub
  weblogic t3 deserialization rce
  ☆268Jul 13, 2017Updated 8 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• r35tart / Penetration_Testing_Case

  View on GitHub
  用于记录分享一些有趣的案例
  ☆867Jan 10, 2022Updated 4 years ago
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆608May 17, 2019Updated 7 years ago
• c0ny1 / passive-scan-client

  View on GitHub
  Burp被动扫描流量转发插件
  ☆1,463Jun 17, 2024Updated last year
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆757Apr 14, 2021Updated 5 years ago
• c0ny1 / java-object-searcher

  View on GitHub
  java内存对象搜索辅助工具
  ☆820Sep 23, 2022Updated 3 years ago
• FunnyWolf / pystinger

  View on GitHub
  Bypass firewall for traffic forwarding using webshell
  ☆1,429Sep 29, 2021Updated 4 years ago
• opensec-cn / vtest

  View on GitHub
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆866Jul 21, 2019Updated 6 years ago
• LeadroyaL / fastjson-blacklist

  View on GitHub
  ☆836Jun 7, 2022Updated 4 years ago
• l3m0n / Bypass_Disable_functions_Shell

  View on GitHub
  一个各种方式突破Disable_functions达到命令执行的shell
  ☆1,195Oct 17, 2023Updated 2 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• r35tart / RedisWriteFile

  View on GitHub
  通过 Redis 主从写出无损文件
  ☆717May 25, 2020Updated 6 years ago
• fnmsd / MySQL_Fake_Server

  View on GitHub
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,370Nov 18, 2021Updated 4 years ago
• keven1z / weblogic_memshell

  View on GitHub
  适用于weblogic和Tomcat的无文件的内存马(memshell)
  ☆272Mar 4, 2022Updated 4 years ago
• c0ny1 / chunked-coding-converter

  View on GitHub
  Burp suite 分块传输辅助插件
  ☆2,034Feb 23, 2022Updated 4 years ago
• 1120362990 / vulnerability-list

  View on GitHub
  在渗透测试中快速检测常见中间件、组件的高危漏洞。
  ☆724Mar 21, 2022Updated 4 years ago
• uknowsec / Active-Directory-Pentest-Notes

  View on GitHub
  个人域渗透学习笔记
  ☆1,803Feb 7, 2020Updated 6 years ago
• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• threedr3am / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。
  ☆212Jan 17, 2022Updated 4 years ago
• petercunha / jenkins-rce

  View on GitHub
  Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
  ☆298Jun 10, 2019Updated 6 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Ivan1ee / NET-Deserialize

  View on GitHub
  总结了20+.Net反序列化文章，持续更新
  ☆746Apr 3, 2024Updated 2 years ago
• lufeirider / CVE-2019-2725

  View on GitHub
  CVE-2019-2725 命令回显
  ☆433May 8, 2023Updated 3 years ago
• fofapro / Hosts_scan

  View on GitHub
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆1,193Apr 30, 2019Updated 7 years ago
• bitterzzZZ / MemoryShellLearn

  View on GitHub
  分享几个直接可用的内存马，记录一下学习过程中看过的文章
  ☆984Mar 23, 2022Updated 4 years ago
• chennqqi / godnslog

  View on GitHub
  An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
  ☆468Updated this week
• wh1t3p1g / ysomap

  View on GitHub
  A helpful Java Deserialization exploit framework.
  ☆1,240Feb 17, 2025Updated last year
• LangziFun / LangSrcCurise

  View on GitHub
  SRC子域名资产监控
  ☆1,298Jan 14, 2021Updated 5 years ago