Alternatives and similar repositories for payloads

Users that are interested in payloads are comparing it to the libraries listed below

• Artemis1029 / Java_xmlhack
  帮助java环境下任意文件下载情况自动化读取源码的小工具
  ☆167Updated 6 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212Updated 5 years ago
• l3m0n / WebFuzzAttack
  web模糊测试 - 将漏洞可能性放大
  ☆148Updated 6 years ago
• DragonGrowlTeam / Address
  ☆213Updated last year
• kingkaki / Struts2-Vulenv
  struts2 漏洞环境源代码
  ☆75Updated 3 years ago
• 5up3rc / weblogic_cmd
  weblogic t3 deserialization rce
  ☆268Updated 8 years ago
• lightless233 / Java-Unserialization-Study
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆196Updated 7 years ago
• mtxiaowangzi / CAFJE
  又一个Java Web代码审计工具
  ☆100Updated 7 years ago
• qiaofei32 / jsonp_info_leak
  jsonp隐私泄漏发现
  ☆146Updated 7 years ago
• zsxsoft / reGeorg
  A modified reGeorg for One-line PHP Shell.
  ☆86Updated 7 years ago
• lalajun / RMIDeserialize
  RMI 反序列化环境 一步步
  ☆213Updated 5 years ago
• momika233 / Joomla-3.4.6-RCE
  Joomla 3.4.6 – Remote Code Execution
  ☆109Updated 2 years ago
• MagicZer0 / fastjson-rce-exploit
  exploit for fastjson remote code execution vulnerability
  ☆152Updated 3 years ago
• Ridter / get_ip_by_ico
  从shodan获取使用了相同favicon.ico的网站
  ☆191Updated 6 years ago
• Lonely-night / fastjson_gadgets_scanner
  ☆131Updated 3 years ago
• cowtowncoder / jackson-compat-minor
  Test repository for verifying compatibility between adjacent minor versions
  ☆36Updated 10 months ago
• Qclover / jsspider
  A js infomation dig tool.
  ☆69Updated 5 years ago
• wudicainiao / AWVS12-Scan-Agent
  a AWVS12 api tool
  ☆121Updated 5 years ago
• sie504 / Struts-S2-xxx
  整理收集Struts2漏洞环境
  ☆270Updated 8 years ago
• lightless233 / geye
  🚀Faster Github Monitor🚀
  ☆104Updated 3 years ago
• longofo / rmi-jndi-ldap-jrmp-jmx-jms
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆310Updated 3 years ago
• NoneNotNull / SSRFX
  CVE-2014-4210+Redis未授权访问
  ☆98Updated 8 years ago
• AntSwordProject / ant_php_extension
  PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions
  ☆106Updated 4 years ago
• proudwind / struts2_vulns
  Struts2 vuln env
  ☆43Updated 3 years ago
• D0g3-Lab / i-SOON_CTF_2018
  2018 第一届安洵杯 题目环境/源码/WP
  ☆45Updated 7 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆81Updated 6 years ago
• undefinedd / extract0r-
  ☆44Updated 8 years ago
• guimaizi / testing_wave
  ☆59Updated 5 years ago
• wonderkun / CTFENV
  为应对CTF比赛而搭建的各种环境
  ☆156Updated 5 years ago
• meizjm3i / CTF-Challenge
  CTF题目收集
  ☆146Updated 7 years ago