qi4L / CVE-2024-38077View external linksLinks
RDL的堆溢出导致的RCE
☆223Aug 14, 2024Updated last year
Alternatives and similar repositories for CVE-2024-38077
Users that are interested in CVE-2024-38077 are comparing it to the libraries listed below
Sorting:
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆545Mar 6, 2025Updated 11 months ago
- CVE-2023-22527 内存马注入工具☆76Feb 21, 2024Updated last year
- Exploit for the vulnerability CVE-2024-43044 in Jenkins☆184Oct 2, 2024Updated last year
- 用友漏洞综合利用工具☆261Nov 9, 2024Updated last year
- 使用 agent 实现反序列化 utf8 overlong☆83Apr 24, 2024Updated last year
- NacosExploit 命令执行 内存马等利用☆214Jul 18, 2024Updated last year
- Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 基于 ANTLR 实现语法分析和完整的 XRAY YAML 规则实现 | 简单…☆182Jul 10, 2025Updated 7 months ago
- java实现反序列化建立socket连接☆60Dec 27, 2024Updated last year
- 自动化找白文件,用于扫描 EXE 文件的导入表,列出导入的DLL文件,并筛选出非系统DLL,符合条件的文件将被复制到特定的 X64 或 X86 文件夹☆563Dec 14, 2025Updated 2 months ago
- ☆25Dec 13, 2024Updated last year
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆548Feb 1, 2024Updated 2 years ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆459Aug 17, 2024Updated last year
- riverPass 是一个用Go编写的瑞数WAF绕过工具。它利用了WebSocket协议,将请求发送的自身浏览器中,从而绕过了瑞数WAF的检测。☆234Oct 18, 2024Updated last year
- 入侵痕迹清理/Cleaning up traces of intrusion☆243Nov 6, 2024Updated last year
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆321Dec 22, 2024Updated last year
- JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021☆270Jun 6, 2025Updated 8 months ago
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- 针对PE文件的分离的攻防对抗工具,红队、研究者的好帮手。目前支持文 件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and…☆287Aug 20, 2024Updated last year
- ebpf WebShell/内核马,一种新型内核马/WebShell技术☆351Jan 8, 2024Updated 2 years ago
- 用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入☆288Nov 20, 2023Updated 2 years ago
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian ,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆546Dec 7, 2025Updated 2 months ago
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.☆315Apr 16, 2024Updated last year
- 助力红队成员一键生成免杀木马,使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan☆614Aug 7, 2024Updated last year
- A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, a…☆58Jul 9, 2024Updated last year
- WeblogicScan一键检测☆128May 6, 2024Updated last year
- MDUT-Extend(扩展版本)☆797Dec 19, 2024Updated last year
- DockerApiRCE☆236Oct 22, 2024Updated last year
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆502Jan 12, 2026Updated last month
- javaeasyscanner - 富婆系列,代码审计辅助工具,致力于解放大脑,方便双手☆276Jun 18, 2024Updated last year
- A socksv5 proxy tool Written by CLang. 一款纯C实现的轻量内网穿透工具,支持正向,反向socks5代理隧道的搭建,支持跨平台使用。☆467Mar 2, 2025Updated 11 months ago
- 寻找可利用的白文件☆556Aug 18, 2025Updated 5 months ago
- GodInfo 是一个功能全面的后渗透信息和凭据收集工具,旨在帮助安全测试人员在获得授权访问权限后,快速收集目标系统的信息和凭据。☆245Apr 29, 2025Updated 9 months ago
- 一款Java内存马生成、测试工 具,搭配@ax1sX的MemShell食用。☆260Jul 4, 2024Updated last year
- 哥斯拉webshell管理工具的插件,用于连接websocket型webshell☆176Apr 17, 2024Updated last year
- ☆137Jan 8, 2024Updated 2 years ago
- DockerRemoteAPI未授权访问(2375端口)利用工具,支持容器逃逸☆67Dec 29, 2024Updated last year
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆557May 30, 2025Updated 8 months ago
- JeecgCracker 是一个专门针对 JeecgBoot 框架的密码爆破工具。☆29Oct 29, 2024Updated last year