用于WebLogic poc及exp测试的基础脚本,后续将集成各版本poc库
☆94Nov 4, 2020Updated 5 years ago
Alternatives and similar repositories for WebLogic_Basic_Poc
Users that are interested in WebLogic_Basic_Poc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆270Mar 4, 2022Updated 4 years ago
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆70Dec 14, 2020Updated 5 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago
- 该项目是通过go语言实现防止rmi利用被反置的问题。☆44Dec 30, 2021Updated 4 years ago
- SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE☆230Dec 5, 2020Updated 5 years ago
- TaiO 的定位是一款用于攻击方对靶标资产梳理,快速定位脆弱资产的网络空间测绘工具☆75Mar 9, 2022Updated 4 years ago
- Shiro-550 不依赖CC链利用工具☆450Jun 19, 2024Updated last year
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Sample Spring application to Demonstrate the Gateway Actuator☆48Mar 3, 2022Updated 4 years ago
- 记录weblogic的一些漏洞原理☆16Nov 4, 2021Updated 4 years ago
- POC of CVE-2021-2394☆40Oct 28, 2021Updated 4 years ago
- ☆69Aug 11, 2020Updated 5 years ago
- Log4j_dos_CVE-2021-45105☆13Dec 19, 2021Updated 4 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- exchange-ssrf-rce☆78Mar 14, 2021Updated 5 years ago
- CVE-2020-10199 回显版本☆31Jun 24, 2024Updated last year
- Weblogic IIOP CVE-2020-2551☆338Apr 7, 2020Updated 5 years ago
- A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.☆216Mar 31, 2019Updated 6 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- Yapi RCE漏洞批量验证与伪交互SHELL☆42Jul 9, 2021Updated 4 years ago
- Shiro反序列化回显利用、内存shell、检查 Burp插件☆217Sep 1, 2022Updated 3 years ago
- 内网域渗透小工具☆733Apr 20, 2021Updated 4 years ago
- AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell☆163Sep 28, 2021Updated 4 years ago
- JDBC Connection URL Attack☆441Sep 10, 2021Updated 4 years ago
- 影子用户 克隆☆233Dec 30, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆400Jan 24, 2025Updated last year
- ☆286Jan 15, 2020Updated 6 years ago
- POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC☆357Mar 12, 2020Updated 6 years ago
- 用cel-go重现了长亭xray的poc检测功能的轮子☆297Jun 24, 2022Updated 3 years ago
- 基于向日葵RCE的本地权限提升,无需指定端口☆210Feb 24, 2022Updated 4 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆166Apr 5, 2019Updated 6 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆311Jun 17, 2022Updated 3 years ago
- 一个简陋的分布式子域名扫描轮子☆17Dec 8, 2022Updated 3 years ago
- ☆231Jan 3, 2022Updated 4 years ago
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆250Aug 26, 2020Updated 5 years ago
- fastjson 80 远程代码执行漏洞复现☆199Sep 7, 2022Updated 3 years ago
- 就是一个练习RMI反序列化的最简单环境☆30Jan 8, 2022Updated 4 years ago
- CVE-2022-22947☆222Mar 3, 2022Updated 4 years ago