用于WebLogic poc及exp测试的基础脚本,后续将集成各版本poc库
☆95Nov 4, 2020Updated 5 years ago
Alternatives and similar repositories for WebLogic_Basic_Poc
Users that are interested in WebLogic_Basic_Poc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆271Mar 4, 2022Updated 4 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆70Dec 14, 2020Updated 5 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆534Aug 25, 2020Updated 5 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆45Dec 30, 2021Updated 4 years ago
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆231Dec 5, 2020Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- TaiO 的定位是一款用于攻击方对靶标资产梳理,快速定位脆弱资产的网络空间测绘工具☆76Mar 9, 2022Updated 4 years ago
- Shiro-550 不依赖CC链利用工具☆451Jun 19, 2024Updated last year
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 5 years ago
- Sample Spring application to Demonstrate the Gateway Actuator☆49Mar 3, 2022Updated 4 years ago
- 记录weblogic的一些漏洞原理☆17Nov 4, 2021Updated 4 years ago
- POC of CVE-2021-2394☆40Oct 28, 2021Updated 4 years ago
- ☆69Aug 11, 2020Updated 5 years ago
- Log4j_dos_CVE-2021-45105☆13Dec 19, 2021Updated 4 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆485Dec 9, 2020Updated 5 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- exchange-ssrf-rce☆79Mar 14, 2021Updated 5 years ago
- CVE-2020-10199 回显版本☆31Jun 24, 2024Updated last year
- Weblogic IIOP CVE-2020-2551☆338Apr 7, 2020Updated 6 years ago
- A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.☆216Mar 31, 2019Updated 7 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- Yapi RCE漏洞批量验证与伪交互SHELL☆42Jul 9, 2021Updated 4 years ago
- Shiro反序列化回显利用、内存shell、检查 Burp插件☆217Sep 1, 2022Updated 3 years ago
- 内网域渗透小工具☆732Apr 20, 2021Updated 4 years ago
- AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell☆163Sep 28, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- JDBC Connection URL Attack☆443Sep 10, 2021Updated 4 years ago
- 影子用户 克隆☆233Dec 30, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆401Jan 24, 2025Updated last year
- ☆286Jan 15, 2020Updated 6 years ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆358Mar 12, 2020Updated 6 years ago
- 基于向日葵RCE的本地权限提升,无需指定端口☆211Feb 24, 2022Updated 4 years ago
- 用cel-go重现了长亭xray的poc检测功能的轮子☆298Jun 24, 2022Updated 3 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 7 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆311Jun 17, 2022Updated 3 years ago
- 一个简陋的分布式子域名扫描轮子☆17Dec 8, 2022Updated 3 years ago
- ☆232Jan 3, 2022Updated 4 years ago
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆251Aug 26, 2020Updated 5 years ago
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- 就是一个练习RMI反序列化的最简单环境☆30Jan 8, 2022Updated 4 years ago
- CVE-2022-22947☆223Mar 3, 2022Updated 4 years ago