potats0/shiroPoc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

potats0/shiroPoc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/potats0/shiroPoc)

Close

potats0 / shiroPocView on GitHubMore

• External links
• Readme badge

☆318Jun 4, 2021Updated 4 years ago

Alternatives and similar repositories for shiroPoc

Users that are interested in shiroPoc are comparing it to the libraries listed below

• feihong-cs / ShiroExploit-Deprecated

  View on GitHub
  Shiro550/Shiro721 一键化利用工具，支持多种回显方式
  ☆1,951Jun 4, 2021Updated 4 years ago
• wyzxxz / jndi_tool

  View on GitHub
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆2,012May 21, 2024Updated last year
• Y4er / WebLogic-Shiro-shell

  View on GitHub
  WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
  ☆535Aug 25, 2020Updated 5 years ago
• sv3nbeast / ShiroScan

  View on GitHub
  Shiro<=1.2.4反序列化，一键检测工具
  ☆987Mar 4, 2021Updated 5 years ago
• Y4er / CVE-2020-2551

  View on GitHub
  Weblogic IIOP CVE-2020-2551
  ☆339Apr 7, 2020Updated 5 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,016Oct 15, 2020Updated 5 years ago
• FunnyWolf / pystinger

  View on GitHub
  Bypass firewall for traffic forwarding using webshell
  ☆1,430Sep 29, 2021Updated 4 years ago
• threedr3am / JSP-WebShells

  View on GitHub
  Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
  ☆1,404Jan 18, 2022Updated 4 years ago
• bigsizeme / shiro-check

  View on GitHub
  Shiro反序列化回显利用、内存shell、检查 Burp插件
  ☆217Sep 1, 2022Updated 3 years ago
• Ares-X / shiro-exploit

  View on GitHub
  Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload
  ☆896May 28, 2021Updated 4 years ago
• jas502n / Shiro_Xray

  View on GitHub
  CommonsBeanutils1,CommonsCollectionsK1
  ☆58Nov 16, 2020Updated 5 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• Ch1ngg / JCE

  View on GitHub
  JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
  ☆258Oct 29, 2021Updated 4 years ago
• uknowsec / BurpSuite-Extender-fastjson

  View on GitHub
  Reference：https://www.w2n1ck.com/article/44/
  ☆155Mar 7, 2020Updated 5 years ago
• zema1 / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆357Sep 20, 2022Updated 3 years ago
• pandasec888 / taowu-cobalt_strike

  View on GitHub
  ☆1,821Nov 24, 2025Updated 3 months ago
• uknowsec / SharpToolsAggressor

  View on GitHub
  内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
  ☆498Feb 13, 2020Updated 6 years ago
• timwhitez / crawlergo_x_XRAY

  View on GitHub
  360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
  ☆1,183Nov 10, 2021Updated 4 years ago
• pmiaowu / BurpShiroPassiveScan

  View on GitHub
  一款基于BurpSuite的被动式shiro检测插件
  ☆1,796Dec 14, 2022Updated 3 years ago
• Slzdude / behinder_source

  View on GitHub
  Behinder3.0 Beta4 源码（Decompile and Fixed）
  ☆207Sep 1, 2020Updated 5 years ago
• lengjibo / RedTeamTools

  View on GitHub
  记录自己编写、修改的部分工具
  ☆1,461Oct 19, 2025Updated 4 months ago
• QAX-A-Team / sharpwmi

  View on GitHub
  sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆716Aug 3, 2021Updated 4 years ago
• c0ny1 / FastjsonExploit

  View on GitHub
  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
  ☆1,389Dec 16, 2022Updated 3 years ago
• pmiaowu / BurpFastJsonScan

  View on GitHub
  一款基于BurpSuite的被动式FastJson检测插件
  ☆1,237Oct 1, 2022Updated 3 years ago
• wyzxxz / shiro_rce_tool

  View on GitHub
  shiro 反序列 命令执行辅助检测工具
  ☆1,563May 21, 2024Updated last year
• broken5 / WebAliveScan

  View on GitHub
  对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描
  ☆915Dec 8, 2022Updated 3 years ago
• r35tart / RedisWriteFile

  View on GitHub
  通过 Redis 主从写出无损文件
  ☆719May 25, 2020Updated 5 years ago
• cbwang505 / CVE-2019-0708-EXP-Windows

  View on GitHub
  CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell
  ☆321Jan 21, 2020Updated 6 years ago
• c0ny1 / chunked-coding-converter

  View on GitHub
  Burp suite 分块传输辅助插件
  ☆2,023Feb 23, 2022Updated 4 years ago
• Tycx2ry / SweetPotato_CS

  View on GitHub
  修改的SweetPotato，使之可以用于CobaltStrike v4.0
  ☆246Apr 30, 2020Updated 5 years ago
• Y4er / fastjson-bypass-autotype-1.2.68

  View on GitHub
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆229Oct 12, 2022Updated 3 years ago
• r0eXpeR / redteam_vul

  View on GitHub
  红队作战中比较常遇到的一些重点系统漏洞整理。
  ☆2,522Jul 17, 2021Updated 4 years ago
• shack2 / skyscorpion

  View on GitHub
  新版将不再对外公开发布。天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端，支持跨平台运行，目前基于JDK1.8开发，运行必须安装JDK或JRE 1.8，注意不能是open jdk，只能是oracle的jdk。 天蝎权限管理工具基于冰蝎加密流量进行WebSh…
  ☆387Mar 22, 2021Updated 4 years ago
• fupinglee / ShiroScan

  View on GitHub
  Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)
  ☆877Dec 16, 2022Updated 3 years ago
• QAX-A-Team / BrowserGhost

  View on GitHub
  这是一个抓取浏览器密码的工具，后续会添加更多功能
  ☆1,455May 21, 2022Updated 3 years ago
• ShiHuang-ESec / EHole

  View on GitHub
  EHole(棱洞)-红队重点攻击系统指纹探测工具
  ☆471Jan 27, 2021Updated 5 years ago
• uknowsec / frpModify

  View on GitHub
  修改frp支持域前置与配置文件自删除
  ☆397Dec 31, 2020Updated 5 years ago
• dr0op / WeblogicScan

  View on GitHub
  增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
  ☆968Jun 16, 2024Updated last year
• NS-Sp4ce / TongDaOA-Fake-User

  View on GitHub
  通达OA 任意用户登录漏洞
  ☆360Aug 27, 2020Updated 5 years ago