pawelkaliniakit / springboot-freemarker-ssti

Related projects: ⓘ

• H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
  Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
  ☆51Updated 2 years ago
• guguyu1 / log4j2_burp_scan
  ☆26Updated this week
• LandGrey / xxe-ftp-server
  xxe oob receive file via web and ftp server
  ☆92Updated 4 years ago
• shadowsock5 / ysoserial
  mvn clean package -DskipTests
  ☆45Updated last year
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆59Updated 2 years ago
• EmYiQing / Burpsuite-UAScan
  ☆50Updated this week
• MrMeizhi / ysoserial-mangguogan
  ☆4Updated 4 years ago
• BrucessKING / CVE-2021-36749
  Apache Druid 任意文件读取
  ☆34Updated 2 years ago
• No4l / Burp4SSRF
  burp extension for SSRF
  ☆25Updated last year
• 0xrumble / BytecodeScreen
  ☆51Updated last year
• knightswd / NoPacScan
  NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script
  ☆84Updated 2 years ago
• jas502n / GitlabVer
  gitlab version index
  ☆59Updated 2 years ago
• SummerSec / LookupInterface
  CodeQL 寻找 JNDI利用 Lookup接口
  ☆159Updated 2 years ago
• bit4woo / burp-api-common
  common methods that used by my burp extension projects
  ☆47Updated 5 months ago
• welk1n / FastjsonPocs
  一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
  ☆53Updated 4 years ago
• fa1c0n1 / MyJSPWebshell
  My collection of various of JSP Webshell.
  ☆35Updated 2 years ago
• zha0gongz1 / Pentest_MindMap
  个人翻译/总结渗透测试思维导图
  ☆28Updated 2 years ago
• OneSourceCat / XxlJob-Hessian-RCE
  XxlJob<=2.1.2配置不当情况下反序列化RCE
  ☆66Updated 3 years ago
• SummerSec / BlogPapers
  <a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…
  ☆52Updated this week
• YoungRichOG / Hosts_Boom
  通过hosts碰撞发现目标内部系统，扩大攻击面。
  ☆46Updated 3 years ago
• k3rwin / spring-cloud-gateway-rce
  spring-cloud-gateway-rce CVE-2022-22947
  ☆13Updated 2 years ago
• hhxy / e-message_exp
  e-mesaage <=4.15 后台jar包上传exp
  ☆46Updated 5 years ago
• tangxiaofeng7 / JavaLearning
  Learning JAVA for Security
  ☆32Updated 2 years ago
• Rvn0xsy / red-tldr-db
  Red TL;DR Database is a set of text data that provides search for red-tldr. If you don’t know red-tldr yet, please read the documentation…
  ☆42Updated 2 years ago
• SecCoder-Security-Lab / spring-cloud-netflix-hystrix-dashboard-cve-2021-22053
  Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053
  ☆37Updated last year
• EmYiQing / XiuScan
  ☆98Updated this week
• EmYiQing / ShiroMemShell
  ☆27Updated this week
• zer0yu / xrecon
  xrecon is a powerful web fingerprinting tool with CDN detection capabilities
  ☆33Updated last month
• Maskhe / BugBountyNotes
  简单记录下自己在挖掘SRC
  ☆31Updated 4 years ago
• iSafeBlue / presentation-slides
  ☆34Updated 2 years ago