Struts2 vuln env
☆43Dec 6, 2022Updated 3 years ago
Alternatives and similar repositories for struts2_vulns
Users that are interested in struts2_vulns are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆105Mar 10, 2020Updated 6 years ago
- ☆62Mar 25, 2020Updated 6 years ago
- ☆98Oct 7, 2023Updated 2 years ago
- 二进制学习笔记☆12Oct 14, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 7 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆43Jan 22, 2016Updated 10 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- 一个NodeJS实现的漏扫动态爬虫☆80Dec 11, 2022Updated 3 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 6 years ago
- java source code static code analysis and danger function identify prog☆535Feb 18, 2019Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。☆212Jan 17, 2022Updated 4 years ago
- Shellcode异或加密工具☆11Mar 23, 2017Updated 9 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Java Security Documents☆81Sep 19, 2019Updated 6 years ago
- 记录调试分析ysoserial系列的学习过程,主要包含手动构造的一些poc,便于加深对漏洞和工具的理解☆30Jun 15, 2020Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Monitor and prevent unexpected behavior of Java programs.☆14Jul 6, 2021Updated 4 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆483Dec 9, 2020Updated 5 years ago
- Behinder3.0 Beta4 源码(Decompile and Fixed)☆207Sep 1, 2020Updated 5 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- jenkins payload☆17May 3, 2017Updated 9 years ago
- ☆11Mar 30, 2017Updated 9 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆404Feb 28, 2020Updated 6 years ago
- 免杀webshell☆37Jun 21, 2020Updated 5 years ago
- mstsc.exe Path Traversal to RCE POC☆91May 23, 2019Updated 7 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- JAVA指针分析☆13Jul 23, 2019Updated 6 years ago
- 基于深度学习的cms识别 训练集☆16Sep 22, 2018Updated 7 years ago
- ☆13Apr 16, 2020Updated 6 years ago
- Security & Development☆272Oct 5, 2023Updated 2 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,397Dec 16, 2022Updated 3 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- A fake JDBC driver that allows OS command execution.☆126Oct 2, 2022Updated 3 years ago
- ☆16Jan 5, 2021Updated 5 years ago
- ☆69Aug 11, 2020Updated 5 years ago
- laravel 5.8 rce pop chain☆26Oct 27, 2019Updated 6 years ago