fastjson一键命令执行
☆551Jul 21, 2020Updated 5 years ago
Alternatives and similar repositories for fastjson_rec_exploit
Users that are interested in fastjson_rec_exploit are comparing it to the libraries listed below
Sorting:
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- 一个简单的Fastjson反序列化检测burp插件☆970Jun 18, 2021Updated 4 years ago
- 通达OA综合利用工具☆516Mar 17, 2021Updated 4 years ago
- shiro 反序列 命令执行辅助检测工具☆1,561May 21, 2024Updated last year
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆770Jan 26, 2022Updated 4 years ago
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆897May 28, 2021Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆124May 14, 2021Updated 4 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,950Jun 4, 2021Updated 4 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- 一款基于BurpSuite的被动式FastJson检测插件☆1,238Oct 1, 2022Updated 3 years ago
- Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)☆877Dec 16, 2022Updated 3 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,467Apr 25, 2024Updated last year
- CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks☆841Jun 13, 2023Updated 2 years ago
- Spring漏洞综合利用工具☆675Jul 5, 2023Updated 2 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 2 years ago
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)☆1,773Nov 1, 2023Updated 2 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆988Mar 4, 2021Updated 4 years ago
- Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。☆1,008Jan 26, 2022Updated 4 years ago
- 六大云存储,泄露利用检测工具☆1,241Mar 28, 2025Updated 11 months ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,433May 21, 2024Updated last year
- 阿里云accesskey利用工具☆1,225Apr 8, 2022Updated 3 years ago
- 致远OA综合利用工具☆418Jun 3, 2021Updated 4 years ago
- 自动化爬取并自动测试所有swagger接口☆1,162Dec 1, 2025Updated 3 months ago
- fastjson利用,支持tomcat、spring回显,哥斯拉内存马;回显利用链为dhcp、ibatis、c3p0。☆327Mar 15, 2022Updated 3 years ago
- 修改frp支持域前置与配置文件自删除☆397Dec 31, 2020Updated 5 years ago
- 一款基于BurpSuite的被动式shiro检测插件☆1,795Dec 14, 2022Updated 3 years ago
- HeapDump敏感信息提取工具☆1,632Dec 15, 2025Updated 2 months ago
- 冰蝎 哥斯拉 WebShell bypass☆763Jan 15, 2026Updated last month
- 对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描☆915Dec 8, 2022Updated 3 years ago
- A Swagger API Exploit☆1,370Jun 7, 2024Updated last year
- Fastjson姿势技巧集�合☆1,825Oct 20, 2023Updated 2 years ago
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- 冰蝎Java WebShell自动化免杀生成☆783Mar 15, 2022Updated 3 years ago
- OAExploit一款基于产品的一键扫描工具。☆1,482Sep 20, 2022Updated 3 years ago
- 掩日 - 免杀执行器生成工具☆2,759Aug 18, 2025Updated 6 months ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆779Feb 13, 2025Updated last year
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆400Jan 24, 2025Updated last year
- OA综合利用工具,集合将近20款OA漏洞批量扫描☆1,340Oct 28, 2023Updated 2 years ago