trganda / atkjdbcLinks

Write Up Code of HITB Sec-Sin 2021 Make JDBC Attacks Brilliant Again

☆14

Alternatives and similar repositories for atkjdbc

Users that are interested in atkjdbc are comparing it to the libraries listed below

Sorting:

cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆130Updated 3 months ago
cwkiller / ClassLinefix
Java bytecode line number restoration tool
☆88Updated 2 weeks ago
yulate / tabby-pipeline
用于快速启动tabby 分析漏洞或者gadget的环境
☆88Updated 2 months ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆103Updated 3 years ago
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆71Updated 11 months ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆42Updated 3 years ago
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆37Updated 10 months ago
ax1sX / RouteCheck-Alpha
A Java Route Collection Tool
☆101Updated last year
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Updated 6 months ago
yuligesec / watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
☆31Updated 11 months ago
Whoopsunix / nacosScan
nacos api bypass & jwt bypass & get all configs
☆42Updated 2 years ago
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆52Updated 2 years ago
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆65Updated 3 years ago
YYHYlh / Dubbo-Scan
一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
☆169Updated 2 years ago
unam4 / fineldapc
某软最新公开gadgegt,新加入不出网利用。
☆78Updated last year
pacemrc / VulDebug
Java漏洞调试分析集合
☆91Updated last year
woodpecker-appstore / plugin-example
woodpecker 漏洞插件开发的简单示范，用于插件的快速上手
☆25Updated 4 years ago
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆144Updated 2 years ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆62Updated 2 years ago
p1n93r / SpringBootAdmin-thymeleaf-SSTI
SpringBootAdmin-thymeleaf-SSTI which can cause RCE
☆81Updated 2 years ago
kyo-w / Spel-research
Spel-research
☆26Updated 3 years ago
luelueking / Fake_Kafka_Server
☆79Updated 9 months ago
jorgectf / jdk4QL
Java JDK 8-18 CodeQL databases
☆16Updated last year
hosch3n / FastjsonVulns
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆91Updated 3 years ago
KpLi0rn / ysoserial
在原有yso基础上实现依赖分离，内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆68Updated 4 years ago
byname66 / SerializeJava
用Go+Fyne开发的，展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。
☆115Updated 8 months ago
luelueking / CVE-2022-25845-In-Spring
CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
☆98Updated 10 months ago
tabby-sec / tabby-vul-finder
A vul-finder for loading CPG and automated finding vul-call-chains
☆62Updated last month
Whoopsunix / utf-8-overlong-encoding
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆138Updated last year