Apache Tomcat + MongoDB Remote Code Execution
☆113Jan 15, 2021Updated 5 years ago
Alternatives and similar repositories for Apache-Tomcat-MongoDB-Remote-Code-Execution
Users that are interested in Apache-Tomcat-MongoDB-Remote-Code-Execution are comparing it to the libraries listed below
Sorting:
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆229Oct 12, 2022Updated 3 years ago
- Shiro-721 RCE Via RememberMe Padding Oracle Attack☆269Oct 29, 2020Updated 5 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- Weblogic IIOP CVE-2020-2551☆339Apr 7, 2020Updated 5 years ago
- CVE-2020-10199、CVE-2020-10204、CVE-2020-11444☆35Apr 9, 2020Updated 5 years ago
- CVE-2020-8163 - Remote code execution of user-provided local names in Rails☆61Dec 14, 2022Updated 3 years ago
- autoType enable☆36Sep 21, 2019Updated 6 years ago
- CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)☆21Sep 26, 2019Updated 6 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- Behinder3.0 Beta4 源码(Decompile and Fixed)☆207Sep 1, 2020Updated 5 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆103Mar 10, 2020Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- ☆159Aug 4, 2020Updated 5 years ago
- POP3 MITM example☆27Dec 12, 2019Updated 6 years ago
- ☆143Jan 21, 2021Updated 5 years ago
- reGeorg的特殊版本,适用于老版本weblogic。☆151Apr 30, 2020Updated 5 years ago
- CVE-2019-3396 confluence SSTI RCE☆174Oct 1, 2020Updated 5 years ago
- PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)☆89Jun 2, 2020Updated 5 years ago
- An AntSword's plugin to scan webshell☆16Sep 2, 2019Updated 6 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Dec 15, 2022Updated 3 years ago
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- CVE-2020-2546,CVE-2020-2915 CVE-2020-2801 CVE-2020-2798 CVE-2020-2883 CVE-2020-2884 CVE-2020-2950 WebLogic T3 payload exploit poc pyth…☆133Mar 5, 2023Updated 2 years ago
- Apache Solr Exploits 🌟☆348Oct 13, 2020Updated 5 years ago
- Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)☆364Jan 11, 2020Updated 6 years ago
- CVE-2020-5902 BIG-IP☆374Oct 13, 2021Updated 4 years ago
- CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统☆187Jun 17, 2020Updated 5 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆218Jun 4, 2021Updated 4 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- ☆119Apr 14, 2020Updated 5 years ago
- 一款用于攻击spring boot actuator的集成环境,目前集成三种攻击方式,支持1.x、2.x☆86Jul 26, 2021Updated 4 years ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- 修改的SweetPotato,使之可以用于CobaltStrike v4.0☆246Apr 30, 2020Updated 5 years ago