potats0/shiroPoc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/potats0/shiroPoc)

potats0 / shiroPoc

☆318

Alternatives and similar repositories for shiroPoc

Users that are interested in shiroPoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,953Jun 4, 2021Updated 4 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,014May 21, 2024Updated last year
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆535Aug 25, 2020Updated 5 years ago
sv3nbeast / ShiroScan
View on GitHub
Shiro<=1.2.4反序列化，一键检测工具
☆987Mar 4, 2021Updated 5 years ago
FunnyWolf / pystinger
View on GitHub
Bypass firewall for traffic forwarding using webshell
☆1,431Sep 29, 2021Updated 4 years ago
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,015Oct 15, 2020Updated 5 years ago
jas502n / Shiro_Xray
View on GitHub
CommonsBeanutils1,CommonsCollectionsK1
☆58Nov 16, 2020Updated 5 years ago
Y4er / CVE-2020-2551
View on GitHub
Weblogic IIOP CVE-2020-2551
☆338Apr 7, 2020Updated 5 years ago
Ares-X / shiro-exploit
View on GitHub
Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload
☆896May 28, 2021Updated 4 years ago
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
zema1 / ysoserial
View on GitHub
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆357Sep 20, 2022Updated 3 years ago
pandasec888 / taowu-cobalt_strike
View on GitHub
☆1,825Nov 24, 2025Updated 4 months ago
uknowsec / BurpSuite-Extender-fastjson
View on GitHub
Reference：https://www.w2n1ck.com/article/44/
☆155Mar 7, 2020Updated 6 years ago
iSafeBlue / fastjson-autotype-bypass-demo
View on GitHub
fastjson 1.2.68 版本 autotype bypass
☆142Jun 17, 2022Updated 3 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
timwhitez / crawlergo_x_XRAY
View on GitHub
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
☆1,183Nov 10, 2021Updated 4 years ago
pmiaowu / BurpShiroPassiveScan
View on GitHub
一款基于BurpSuite的被动式shiro检测插件
☆1,798Dec 14, 2022Updated 3 years ago
bigsizeme / shiro-check
View on GitHub
Shiro反序列化回显利用、内存shell、检查 Burp插件
☆217Sep 1, 2022Updated 3 years ago
Ch1ngg / JCE
View on GitHub
JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
☆258Oct 29, 2021Updated 4 years ago
uknowsec / SharpToolsAggressor
View on GitHub
内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
☆499Feb 13, 2020Updated 6 years ago
QAX-A-Team / sharpwmi
View on GitHub
sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
☆715Aug 3, 2021Updated 4 years ago
wyzxxz / shiro_rce_tool
View on GitHub
shiro 反序列命令执行辅助检测工具
☆1,566May 21, 2024Updated last year
lengjibo / RedTeamTools
View on GitHub
记录自己编写、修改的部分工具
☆1,465Oct 19, 2025Updated 5 months ago
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,389Dec 16, 2022Updated 3 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
Y4er / fastjson-bypass-autotype-1.2.68
View on GitHub
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
☆229Oct 12, 2022Updated 3 years ago
Tycx2ry / SweetPotato_CS
View on GitHub
修改的SweetPotato，使之可以用于CobaltStrike v4.0
☆246Apr 30, 2020Updated 5 years ago
acgbfull / Apache_Shiro_1.2.4_RCE
View on GitHub
Apache shiro <= 1.2.4 rememberMe 反序列化漏洞利用工具
☆21Feb 4, 2020Updated 6 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,029Feb 23, 2022Updated 4 years ago
admintony / shiro_rememberMe_Rce
View on GitHub
利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。
☆123Jul 27, 2020Updated 5 years ago
broken5 / WebAliveScan
View on GitHub
对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描
☆913Dec 8, 2022Updated 3 years ago
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,238Oct 1, 2022Updated 3 years ago
Slzdude / behinder_source
View on GitHub
Behinder3.0 Beta4 源码（Decompile and Fixed）
☆207Sep 1, 2020Updated 5 years ago
cbwang505 / CVE-2019-0708-EXP-Windows
View on GitHub
CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell
☆321Jan 21, 2020Updated 6 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
r0eXpeR / redteam_vul
View on GitHub
红队作战中比较常遇到的一些重点系统漏洞整理。
☆2,521Jul 17, 2021Updated 4 years ago
r35tart / RedisWriteFile
View on GitHub
通过 Redis 主从写出无损文件
☆718May 25, 2020Updated 5 years ago
dr0op / shiro-550-with-NoCC
View on GitHub
Shiro-550 不依赖CC链利用工具
☆450Jun 19, 2024Updated last year
hack2fun / BypassAV
View on GitHub
Cobalt Strike插件，用于快速生成免杀的可执行文件
☆914Jul 19, 2020Updated 5 years ago
QAX-A-Team / BrowserGhost
View on GitHub
这是一个抓取浏览器密码的工具，后续会添加更多功能
☆1,455May 21, 2022Updated 3 years ago
shack2 / skyscorpion
View on GitHub
新版将不再对外公开发布。天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端，支持跨平台运行，目前基于JDK1.8开发，运行必须安装JDK或JRE 1.8，注意不能是open jdk，只能是oracle的jdk。天蝎权限管理工具基于冰蝎加密流量进行WebSh…
☆386Mar 22, 2021Updated 5 years ago
uknowsec / frpModify
View on GitHub
修改frp支持域前置与配置文件自删除
☆397Dec 31, 2020Updated 5 years ago