veracode-research / actuator-testbed
A vulnerable application exposing Spring Boot Actuators
β122Updated 6 years ago
Alternatives and similar repositories for actuator-testbed:
Users that are interested in actuator-testbed are comparing it to the libraries listed below
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12β94Updated 2 years ago
- π±βπ» Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution π±βπ»β150Updated 6 years ago
- forked from frohoff/ysoserial and added my own payloads.β151Updated 5 years ago
- Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")β101Updated 5 years ago
- fastjson-1.2.47β66Updated 5 years ago
- Remote Command Execution Over Sparkβ96Updated 7 years ago
- exploit Apache Flink Web Dashboard unauth rce on right way by python2 scriptsβ90Updated 5 years ago
- Apache Solr RCE via Velocity templateβ108Updated 5 years ago
- CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCEβ106Updated 5 years ago
- β71Updated 2 years ago
- β111Updated 5 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Databaseβ106Updated 5 years ago
- JRE8u20_RCE_Gadgetβ251Updated 8 years ago
- Atlassian JIRA Template injection vulnerability RCEβ93Updated 5 years ago
- Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()β79Updated 4 years ago
- Spring Boot Actuator (jolokia) XXE/RCEβ317Updated 4 years ago
- Rusty Joomla RCE Exploitβ69Updated 2 years ago
- FasterXML/jackson-databind θΏη¨δ»£η ζ§θ‘ζΌζ΄β73Updated 5 years ago
- GitLab 11.4.7 SSRFι εredisθΏη¨ζ§θ‘代η β123Updated 6 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"β101Updated 5 years ago
- Burp extension intended to compact Burp extension tabs by hijacking them to own tab.β130Updated 4 years ago
- django ζΌζ΄οΌCVE-2020-7471 Potential SQL injection via StringAgg(delimiter) ηζΌζ΄η―ε’ε POCβ104Updated 5 years ago
- CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Scriptβ138Updated 6 years ago
- Zimbra XXE+SSRF+UPLOAD Pocβ59Updated 5 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.β35Updated 5 years ago
- Apache Tomcat + MongoDB Remote Code Executionβ114Updated 4 years ago
- Apache Solr DataImport Handler RCEβ90Updated 5 years ago
- β58Updated 4 years ago
- cve-2020-0688β163Updated 5 years ago
- Shiro RCE (Padding Oracle Attack)β143Updated 5 years ago