vulhub / JNDIExploit
A malicious LDAP server for JNDI injection attacks
☆52Updated last year
Alternatives and similar repositories for JNDIExploit:
Users that are interested in JNDIExploit are comparing it to the libraries listed below
- 自己积累的一些Java反序列化利用链☆87Updated 2 years ago
- dubbo快速利用exp,基本上老版本覆盖100%。☆102Updated last year
- Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit☆79Updated last year
- 基于ysoserial扩展命令执行结果回显,生成冰蝎内存马☆87Updated last year
- 一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。☆167Updated last year
- fastjson 80 远程代码执行漏洞复现☆191Updated 2 years ago
- Java命令行文件监控小工具(代码审计)☆101Updated 3 years ago
- A heapdump leaks Shiro key causing RCE vulnerability environment.☆53Updated 10 months ago
- 支持自动化的切换请求方式、自动化的请求重试、以完整的扫描Springboot路径☆3Updated 3 years ago
- 一个Spring4Shell 被动式检测的Burp插件☆93Updated 2 years ago
- 泛微OA_V9全版本的SQL远程代码执行漏洞☆157Updated 2 years ago
- 一款探测fastjson漏洞的BurpSuite插件☆61Updated 2 years ago
- evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.☆87Updated 2 years ago
- BurpHttpHelper是一款Burpsuite插件,主要用于简化和解决Burpsuite对Http的一些操作.☆102Updated 2 years ago
- 在原有yso基础上实现依赖分离,内存马注入等功能。A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆68Updated 3 years ago
- Java漏洞分析汇合☆142Updated 3 years ago
- ☆55Updated last year
- 基于dbcp的fastjson rce 回显☆191Updated 3 years ago
- MemShell List☆79Updated last year
- springboot跨线程注入内存马☆116Updated 2 years ago
- ☆117Updated last year
- nuclei模版生成插件☆105Updated last year
- xxl-job未授权命令执行☆107Updated 3 years ago
- A Java Route Collection Tool☆91Updated 7 months ago
- XxlJob<=2.1.2配置不当情况下反序列化RCE☆92Updated 4 years ago
- Assassin是一款精简的基于命令行的webshell管理工具,它有着多种payload发送方式和编码方式,以及精简的payload代码,使得它成为隐蔽的暗杀者,难以被很好的防御。☆116Updated 2 years ago
- 哥斯拉nacos后渗透插件 maketoken adduser☆144Updated last year
- ☆68Updated 3 years ago
- check hikvision/ys7 api☆70Updated last year
- HW2023中安全厂和超级大厂的大爆炸☆65Updated last year