serain / kubelet-anon-rceView external linksLinks
Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)
☆114Jan 14, 2019Updated 7 years ago
Alternatives and similar repositories for kubelet-anon-rce
Users that are interested in kubelet-anon-rce are comparing it to the libraries listed below
Sorting:
- ☆16Jan 5, 2021Updated 5 years ago
- CVE-2020-3452 exploit☆24Aug 1, 2020Updated 5 years ago
- CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC☆87Dec 15, 2022Updated 3 years ago
- POC for CVE-2018-15685☆42Aug 24, 2018Updated 7 years ago
- A Java serializer in JavaScript☆81May 21, 2018Updated 7 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- Shell utility to list colorfully show what processes are listening on what ports.☆19Aug 17, 2019Updated 6 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆100Nov 18, 2020Updated 5 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- ☆19Mar 16, 2021Updated 4 years ago
- ☆11Dec 18, 2018Updated 7 years ago
- Collection of dockerfiles to build containers☆13Mar 19, 2018Updated 7 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (…☆316Apr 1, 2019Updated 6 years ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.☆301Aug 30, 2021Updated 4 years ago
- Thymeleaf SSTI Bypass☆13Nov 24, 2021Updated 4 years ago
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Jackson Rce For CVE-2019-12384☆102Jul 24, 2019Updated 6 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆97Feb 10, 2020Updated 6 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Jun 8, 2017Updated 8 years ago
- Java安全研究与安全开发面试题库,同是也是常见知识点的梳理和总结,包含问题和详细的答案,计划定期更新☆16Apr 30, 2022Updated 3 years ago
- A plugin that provides resources for beginners to learn reverse engineering using Binary Ninja. It automatically installs several other p…☆26Aug 22, 2017Updated 8 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE☆106Jul 18, 2019Updated 6 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆445Sep 7, 2022Updated 3 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Capture screenshots from .NET using .NET methods or Windows API calls☆67Mar 9, 2020Updated 5 years ago
- PoC for CVE-2019-10207☆20Mar 27, 2022Updated 3 years ago
- CVE-2018-2893☆13Oct 7, 2018Updated 7 years ago
- ☆15Oct 8, 2025Updated 4 months ago
- ☆16Jul 20, 2020Updated 5 years ago
- A container analysis and exploitation tool for pentesters and engineers.☆675Sep 27, 2023Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- CVE-2019-0604☆133Mar 22, 2019Updated 6 years ago
- Additional materials for RootedCON 2015 Apache Struts talk☆30Mar 6, 2015Updated 10 years ago
- JavaScript Reversed TCP Meterpreter Stager☆138May 25, 2017Updated 8 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- Checks for signature requirements over LDAP☆98Oct 11, 2022Updated 3 years ago