Alternatives and similar repositories for dubbo-exp

Users that are interested in dubbo-exp are comparing it to the libraries listed below

• Lonely-night / fastjsonVul
  fastjson 80 远程代码执行漏洞复现
  ☆195Updated 2 years ago
• woodpecker-appstore / jexpr-encoder-utils
  Java表达式语句生成器
  ☆191Updated last year
• YYHYlh / Dubbo-Scan
  一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
  ☆168Updated last year
• vulhub / JNDIExploit
  A malicious LDAP server for JNDI injection attacks
  ☆52Updated 2 years ago
• FFreestanding / JavaUnserializeChain
  自己积累的一些Java反序列化利用链
  ☆89Updated 2 years ago
• Lotus6 / FileMonitor
  Java命令行文件监控小工具(代码审计)
  ☆102Updated 3 years ago
• A0WaQ4 / HexDnsEchoT
  命令执行不回显但DNS协议出网的命令回显场景解决方案（修改为使用ceye接收请求，添加自定义DNS服务器）
  ☆291Updated last year
• corener / JavaPassDump
  JavaPassDump
  ☆255Updated 3 years ago
• Hutt0n0 / ActiveMqRCE
  用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
  ☆281Updated last year
• KpLi0rn / ysoserial
  在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆68Updated 3 years ago
• whwlsfb / SpringSpider
  Spring Actuator端点的BurpSuite被动扫描插件。
  ☆199Updated 2 years ago
• Whoopsunix / fastjson_study
  Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul
  ☆92Updated last year
• depycode / fastjson-c3p0
  fastjson不出网利用、c3p0
  ☆252Updated 3 years ago
• yuyan-sec / druid_sessions
  获取 alibaba druid 一些 sessions , sql , urls
  ☆274Updated 2 months ago
• depycode / fastjson-local-echo
  基于dbcp的fastjson rce 回显
  ☆193Updated 3 years ago
• 1ucky7 / jmg-for-Godzilla
  Godzilla插件|内存马|Suo5内存代理｜jmg for Godzilla
  ☆224Updated last year
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆225Updated last year
• R17a-17 / JavaVulnSummary
  Java漏洞分析汇合
  ☆142Updated 3 years ago
• passer-W / snakeyaml-memshell
  springboot跨线程注入内存马
  ☆119Updated 3 years ago
• Le1a / CVE-2023-33246
  Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
  ☆81Updated 2 years ago
• winezer0 / springboot_scan
  支持自动化的切换请求方式、自动化的请求重试、以完整的扫描Springboot路径
  ☆3Updated 3 years ago
• dushixiang / evil-mysql-server
  evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
  ☆92Updated 2 years ago
• lz2y / DubboPOC
  Apache Dubbo漏洞测试Demo及其POC
  ☆61Updated 2 years ago
• mrknow001 / xxl-job-rce
  xxl-job未授权命令执行
  ☆109Updated 3 years ago
• raspberryhusky / lazyfinder
  快速遍历目标目录中所有指定后缀文件中包含的敏感信息
  ☆138Updated 2 years ago
• novysodope / RMI_Inj_MemShell
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆254Updated last year
• lz2y / yaml-payload-for-ruoyi
  A memory shell for ruoyi
  ☆249Updated 2 years ago
• Whoopsunix / PPPYSO
  proof-of-concept for generating Java deserialization payload | Proxy MemShell
  ☆193Updated last year
• coffeehb / Spring4Shell
  一个Spring4Shell 被动式检测的Burp插件
  ☆93Updated 3 years ago
• j2ekim / YonyouNC_Tip
  ☆167Updated 3 years ago