spaceraccoon / spring-boot-actuator-h2-rceView external linksLinks
Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database
☆107Jan 26, 2020Updated 6 years ago
Alternatives and similar repositories for spring-boot-actuator-h2-rce
Users that are interested in spring-boot-actuator-h2-rce are comparing it to the libraries listed below
Sorting:
- Redis RCE 的几种方法☆90Jun 5, 2024Updated last year
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- jolokia-exploitation-toolkit☆310Dec 19, 2024Updated last year
- Spring Boot Actuator (jolokia) XXE/RCE☆324Jun 16, 2020Updated 5 years ago
- ☆419Jan 5, 2022Updated 4 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 6 years ago
- SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients☆70Jul 29, 2021Updated 4 years ago
- 泛微ecology OA系统接口存在数据库配置信息泄露漏洞☆50Jul 13, 2020Updated 5 years ago
- Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.☆67Apr 25, 2025Updated 9 months ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- Tomcat的Filter型免杀内存马,主要思路是Bypass各种检查手段☆10Nov 26, 2021Updated 4 years ago
- Read Navicat 12 Password☆19Jun 7, 2020Updated 5 years ago
- LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆673Jan 28, 2024Updated 2 years ago
- CobaltStrike Extentions☆40Oct 24, 2021Updated 4 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- 跟.net相关的学习☆88Jun 24, 2024Updated last year
- woodpecker框架专用bcel库☆12Apr 30, 2021Updated 4 years ago
- Keep track of changes in website with WEBSY☆35May 22, 2023Updated 2 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 2 years ago
- SQL Server Reporting Services(CVE-2020-0618)中的RCE☆198Feb 15, 2020Updated 6 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 7 months ago
- Apache Solr Exploits 🌟☆348Oct 13, 2020Updated 5 years ago
- CVE-2020-5410 Spring Cloud Config directory traversal vulnerability☆31Jun 16, 2020Updated 5 years ago
- List of special metadata IPs used in cloud services☆11Aug 9, 2019Updated 6 years ago
- ☆12Sep 23, 2023Updated 2 years ago
- -☆11Nov 21, 2020Updated 5 years ago
- ☆13Feb 9, 2022Updated 4 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 6 years ago
- Tomcat基于动态注册Filter的无文件Webshell☆26Jun 20, 2020Updated 5 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,080Jun 15, 2021Updated 4 years ago
- DNS rebinding toolkit☆255May 22, 2023Updated 2 years ago
- websocket-connection-smuggler☆66Jan 22, 2020Updated 6 years ago
- ☆65Dec 9, 2020Updated 5 years ago
- Client Side Prototype Pollution Scanner☆524Sep 17, 2022Updated 3 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆113Jan 15, 2021Updated 5 years ago