JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
☆126Jan 20, 2025Updated last year
Alternatives and similar repositories for JavaPayload
Users that are interested in JavaPayload are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116May 17, 2019Updated 6 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆42Jan 22, 2016Updated 10 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Java Untrusted Deserialization Exploits Tools☆67Dec 13, 2015Updated 10 years ago
- RCE Exploit PoC for XMLDecoder☆63Aug 1, 2013Updated 12 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- Spring messaging STOMP protocol RCE☆113Apr 12, 2018Updated 7 years ago
- ☆78Oct 28, 2015Updated 10 years ago
- DOOM是在thorn上实现的分布式任务分发的ip端口漏洞扫描器☆136Dec 1, 2015Updated 10 years ago
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- A domain/ip fuzzing tool for vulnerability mining☆100Mar 13, 2015Updated 11 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- IDS Bypass tricks☆122Jan 11, 2019Updated 7 years ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆55Jul 21, 2016Updated 9 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- based on search engine and get the valid infomation to test the vulnerability☆16Jun 16, 2016Updated 9 years ago
- Reverse TCP Port to UDP Forwarding Tools☆160Nov 11, 2016Updated 9 years ago
- Feigong,针对各种情况自由变化的mysql注入脚本,In view of the different things freely change the mysql injection script☆107Jan 24, 2017Updated 9 years ago
- A static byte code analyzer for Java deserialization gadget research☆251Apr 17, 2017Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- 用于扫描git,svn泄露☆78Jul 29, 2015Updated 10 years ago
- Bugscan Web Vulnerability Scaner Online System☆68Apr 4, 2016Updated 9 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- some java code i met or i used☆29May 7, 2019Updated 6 years ago
- Study about HQL injection exploitation.☆52May 15, 2016Updated 9 years ago
- http://x0day.me/archives/bannerscan-py.html☆53Sep 4, 2014Updated 11 years ago
- A lightweight batch scanning framework based on gevent.☆48Jun 22, 2018Updated 7 years ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆44Dec 17, 2023Updated 2 years ago
- a plenty of poc based on python☆290Jun 10, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆222Mar 16, 2026Updated last week
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- fofa website☆361Oct 1, 2020Updated 5 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- New On Live Web Vul Scan☆40Nov 14, 2015Updated 10 years ago