fastjson一键命令执行
☆552Jul 21, 2020Updated 5 years ago
Alternatives and similar repositories for fastjson_rec_exploit
Users that are interested in fastjson_rec_exploit are comparing it to the libraries listed below
Sorting:
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,389Dec 16, 2022Updated 3 years ago
- 一个简单的Fastjson反序列化检�测burp插件☆970Jun 18, 2021Updated 4 years ago
- 通达OA综合利用工具☆516Mar 17, 2021Updated 5 years ago
- shiro 反序列 命令执行辅助检测工具☆1,564May 21, 2024Updated last year
- Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload☆896May 28, 2021Updated 4 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆125May 14, 2021Updated 4 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆772Jan 26, 2022Updated 4 years ago
- Shiro550/Shiro721 一键�化利用工具,支持多种回显方式☆1,953Jun 4, 2021Updated 4 years ago
- 一款基于BurpSuite的被动式FastJson检测插件☆1,237Oct 1, 2022Updated 3 years ago
- Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)☆878Dec 16, 2022Updated 3 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,468Apr 25, 2024Updated last year
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- Spring漏洞综合利用工具☆674Jul 5, 2023Updated 2 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 2 years ago
- Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。☆1,008Jan 26, 2022Updated 4 years ago
- Shiro<=1.2.4反序列化,一键检测工具☆987Mar 4, 2021Updated 5 years ago
- 阿里云accesskey利用工具☆1,225Apr 8, 2022Updated 3 years ago
- 六大云存储,泄露利用检测工具☆1,245Mar 28, 2025Updated 11 months ago
- CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks☆840Jun 13, 2023Updated 2 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工�具及方法☆400Jan 24, 2025Updated last year
- 对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描☆913Dec 8, 2022Updated 3 years ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,434May 21, 2024Updated last year
- WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威��战队强力驱动)☆1,776Nov 1, 2023Updated 2 years ago
- 一款基于BurpSuite的被动式shiro检测插件☆1,797Dec 14, 2022Updated 3 years ago
- 自动化爬取并自动测试所有swagger接口☆1,165Dec 1, 2025Updated 3 months ago
- 修改frp支持域前置与配置文件自删除☆397Dec 31, 2020Updated 5 years ago
- fastjson利用,支持tomcat、spring回显,哥斯拉内存马;回显利用链为dhcp、ibatis、c3p0。☆327Mar 15, 2022Updated 4 years ago
- 致远OA综合利用工具☆417Jun 3, 2021Updated 4 years ago
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- A Swagger API Exploit☆1,369Jun 7, 2024Updated last year
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,521Jul 17, 2021Updated 4 years ago
- HeapDump敏感信息提取工具☆1,638Dec 15, 2025Updated 3 months ago
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,118Mar 3, 2026Updated 2 weeks ago
- 冰蝎 哥斯拉 WebShell bypass☆763Jan 15, 2026Updated 2 months ago
- OAExploit一款基于产品的一键扫描工具。☆1,481Sep 20, 2022Updated 3 years ago
- 掩日 - 免杀执行器生成工具☆2,755Aug 18, 2025Updated 7 months ago
- Fastjson姿势技巧集合☆1,833Oct 20, 2023Updated 2 years ago
- A flexible scanner☆1,274Aug 22, 2025Updated 7 months ago