r00tuser111/ActuatorExploitTools external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

r00tuser111/ActuatorExploitTools

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/r00tuser111/ActuatorExploitTools)

Close

r00tuser111 / ActuatorExploitToolsView on GitHubMore

• External links
• Readme badge

一款用于攻击spring boot actuator的集成环境，目前集成三种攻击方式，支持1.x、2.x

☆86Jul 26, 2021Updated 4 years ago

Alternatives and similar repositories for ActuatorExploitTools

Users that are interested in ActuatorExploitTools are comparing it to the libraries listed below

• grayddq / EBurst

  View on GitHub
  这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
  ☆339May 22, 2023Updated 2 years ago
• TheKingOfDuck / paramFuzzer

  View on GitHub
  一款高效的参数fuzz工具|A faster param fuzzing test tool
  ☆103Nov 8, 2020Updated 5 years ago
• TheKingOfDuck / Loki

  View on GitHub
  一个轻量级Web蜜罐 - A Little Web Honeypot.🍯🍯🍯🐝🐝🐝
  ☆200Jan 13, 2022Updated 4 years ago
• 3roman / FoxmailDump

  View on GitHub
  dump foxmail password 提取foxmail中存储的邮箱密码
  ☆22Jan 26, 2018Updated 8 years ago
• Y4er / fastjson-bypass-autotype-1.2.68

  View on GitHub
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆229Oct 12, 2022Updated 3 years ago
• evi1ox / MSSQL_BackDoor

  View on GitHub
  ☆159Aug 4, 2020Updated 5 years ago
• uknowsec / Frida-Hook-In-Java-Notes

  View on GitHub
  Java层frida hook学习笔记 https://uknowsec.cn
  ☆47Feb 6, 2020Updated 6 years ago
• jas502n / DBconfigReader

  View on GitHub
  泛微ecology OA系统接口存在数据库配置信息泄露漏洞
  ☆50Jul 13, 2020Updated 5 years ago
• jas502n / SpringBoot_Actuator_RCE

  View on GitHub
  SpringBoot_Actuator_RCE
  ☆95May 26, 2020Updated 5 years ago
• threedr3am / tomcat-cluster-session-sync-exp

  View on GitHub
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212May 19, 2020Updated 5 years ago
• mabangde / mimiremote

  View on GitHub
  ☆28Mar 26, 2020Updated 5 years ago
• Y4er / yaml-payload

  View on GitHub
  Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg
  ☆135Sep 24, 2020Updated 5 years ago
• uknowsec / SharpCheckInfo

  View on GitHub
  收集目标主机信息，包括最近打开文件，系统环境变量和回收站文件等等
  ☆115Oct 30, 2019Updated 6 years ago
• chroblert / domainWeakPasswdCheck

  View on GitHub
  内网安全·域账号弱口令审计
  ☆163Dec 27, 2019Updated 6 years ago
• QAX-A-Team / EventLogMaster

  View on GitHub
  Cobalt Strike插件 - RDP日志取证&清除
  ☆363Dec 23, 2019Updated 6 years ago
• r35tart / RedisWriteFile

  View on GitHub
  通过 Redis 主从写出无损文件
  ☆719May 25, 2020Updated 5 years ago
• pentest-tools-public / Pass-to-hash-EWS

  View on GitHub
  ☆94Aug 29, 2018Updated 7 years ago
• Rvn0xsy / CVE-2021-3156-plus

  View on GitHub
  CVE-2021-3156非交互式执行命令
  ☆203Feb 9, 2021Updated 5 years ago
• al0ne / Nmap_Bypass_IDS

  View on GitHub
  Nmap&Zmap特征识别，绕过IDS探测
  ☆329Aug 1, 2019Updated 6 years ago
• n0thing0x01 / session_enum

  View on GitHub
  通过NetSessionEnum获取域内机器对应用户
  ☆67May 6, 2020Updated 5 years ago
• uknowsec / SharpToolsAggressor

  View on GitHub
  内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
  ☆498Feb 13, 2020Updated 6 years ago
• Ch1ngg / JCE

  View on GitHub
  JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
  ☆258Oct 29, 2021Updated 4 years ago
• heroanswer / XSS_Cheat_Sheet_2020_Edition

  View on GitHub
  xss漏洞模糊测试payload的最佳集合 2020版
  ☆511May 25, 2020Updated 5 years ago
• Werneror / pekja

  View on GitHub
  SRC情报收集管理系统
  ☆60Feb 3, 2026Updated 3 weeks ago
• dpu / coremail-address-book

  View on GitHub
  📧Coremail邮件系统组织通讯录导出脚本
  ☆158Sep 28, 2021Updated 4 years ago
• Tycx2ry / SweetPotato_CS

  View on GitHub
  修改的SweetPotato，使之可以用于CobaltStrike v4.0
  ☆246Apr 30, 2020Updated 5 years ago
• WBGlIl / IIS_backdoor

  View on GitHub
  backdoor
  ☆262Jul 26, 2025Updated 7 months ago
• 0verSp4ce / CVE-2021-4034

  View on GitHub
  CVE-2021-4034, For Webshell Version.
  ☆35Jan 27, 2022Updated 4 years ago
• rootclay / NTLM-SSP

  View on GitHub
  本项目是一篇NTLM中高级进阶进阶文章，后续我也会在Github和Gitbook对此文进行持续性的更新NTLM以及常见的协议中高级进阶并计划开源部分协议调试工具，望各位issue勘误。
  ☆113Jul 10, 2020Updated 5 years ago
• b0bac / GetMail

  View on GitHub
  利用NTLM Hash读取Exchange邮件
  ☆441Jan 7, 2025Updated last year
• Airboi / CVE-2020-17144-EXP

  View on GitHub
  Exchange2010 authorized RCE
  ☆157Dec 24, 2020Updated 5 years ago
• feihong-cs / JspMaster-Deprecated

  View on GitHub
  一款基于webshell命令执行功能实现的GUI webshell管理工具，支持流量加密
  ☆218Jun 4, 2021Updated 4 years ago
• jas502n / unauthorized-tools

  View on GitHub
  未授权批量检测脚本
  ☆14Oct 9, 2019Updated 6 years ago
• uknowsec / CreateService

  View on GitHub
  创建服务持久化
  ☆108Apr 26, 2021Updated 4 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 4 years ago
• SEC-GO / Red-vs-Blue

  View on GitHub
  红蓝对抗交流心得
  ☆106Apr 8, 2020Updated 5 years ago
• Y4er / CVE-2020-2551

  View on GitHub
  Weblogic IIOP CVE-2020-2551
  ☆339Apr 7, 2020Updated 5 years ago
• rabbitmask / SB-Actuator

  View on GitHub
  Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测
  ☆521May 21, 2020Updated 5 years ago