vulhub/JNDIExploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/vulhub/JNDIExploit)

vulhub / JNDIExploit

A malicious LDAP server for JNDI injection attacks

☆53

Alternatives and similar repositories for JNDIExploit

Users that are interested in JNDIExploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

X1r0z / spring-amqp-deserialization
View on GitHub
PoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)
☆13Jan 29, 2024Updated 2 years ago
luelueking / Java-CVE-Lists
View on GitHub
☆19Jun 7, 2023Updated 2 years ago
pen4uin / java-echo-generator
View on GitHub
一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
☆462Jan 12, 2025Updated last year
BeichenDream / GodzillaMemoryShellProject
View on GitHub
☆309Feb 27, 2025Updated last year
hosch3n / FastjsonVulns
View on GitHub
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆91Sep 2, 2022Updated 3 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
turn1tup / JspEncounter
View on GitHub
☆123Jun 7, 2023Updated 2 years ago
su18 / hack-fastjson-1.2.80
View on GitHub
☆525Sep 16, 2022Updated 3 years ago
wgpsec / YongYouNcTool
View on GitHub
用友NC系列漏洞检测利用工具，支持一键检测、命令执行回显、文件落地、一键打入内存马、文件读取等
☆586Aug 19, 2023Updated 2 years ago
xk4ng / NacosDefaultToken
View on GitHub
Alibaba Nacos存在默认token.secret.key，导致远程攻击者可以绕过密钥认证接管Nacos
☆19Mar 17, 2023Updated 3 years ago
woodpecker-appstore / yonyou-nc-decrypter
View on GitHub
用友 nc 系列密码解密
☆62Apr 7, 2023Updated 3 years ago
Lotus6 / ConfluenceMemshell
View on GitHub
Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎内存马注入
☆557Feb 1, 2024Updated 2 years ago
rebeyond / JNDInjector
View on GitHub
一个高度可定制化的JNDI和Java反序列化利用工具
☆473Jan 17, 2023Updated 3 years ago
bravery9 / weblogic_exploit
View on GitHub
weblogic漏洞利用工具
☆17Jul 16, 2020Updated 5 years ago
PortSwigger / mcp-proxy
View on GitHub
SSE to Stdio MCP Proxy Server
☆21Mar 9, 2026Updated last month
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
Hutt0n0 / ActiveMqRCE
View on GitHub
用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用内存马注入
☆288Nov 20, 2023Updated 2 years ago
c0ny1 / java-memshell-scanner
View on GitHub
通过jsp脚本扫描java web Filter/Servlet型内存马
☆993Mar 9, 2023Updated 3 years ago
xzxxzzzz000 / impacket-programming-manual
View on GitHub
impacket编程手册
☆104Oct 13, 2023Updated 2 years ago
Whoopsunix / fastjson_study
View on GitHub
Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul
☆96Oct 30, 2023Updated 2 years ago
whwlsfb / pty_bind_shell
View on GitHub
Pty bind shell for golang 一款基于SSH协议的远控程序
☆49Feb 23, 2022Updated 4 years ago
XiaoliChan / LDAPShell
View on GitHub
A wrapper of ldap_shell.py module which in ntlmrelayx
☆62Sep 22, 2022Updated 3 years ago
4ra1n / mysql-fake-server
View on GitHub
纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY …
☆825Sep 18, 2023Updated 2 years ago
yzddmr6 / Java-Js-Engine-Payloads
View on GitHub
Java Js Engine Payloads All in one
☆291Aug 21, 2023Updated 2 years ago
BeichenDream / CVE-2022-26134-Godzilla-MEMSHELL
View on GitHub
☆342Jun 7, 2022Updated 3 years ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
silentsignal / WebSphere-WSIF-gadget
View on GitHub
CVE-2020-4464 / CVE-2020-4450
☆36Aug 24, 2021Updated 4 years ago
ReaJason / MemShellParty
View on GitHub
一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率
☆1,401Mar 30, 2026Updated last week
Ridter / PySQLTools
View on GitHub
Mssql利用工具
☆278Aug 7, 2023Updated 2 years ago
0x727 / BypassPro
View on GitHub
对Auth/Waf 自动化bypass的burpsuite插件
☆1,120Feb 28, 2026Updated last month
Zh0um1 / CVE-2022-22947
View on GitHub
CVE-2022-22947注入哥斯拉内存马
☆28Jun 21, 2023Updated 2 years ago
Drun1baby / CTF-Repo-2023
View on GitHub
2023 各大 CTF 的比赛附件
☆49May 7, 2023Updated 2 years ago
whwlsfb / cve-2022-22947-godzilla-memshell
View on GitHub
CVE-2022-22947 注入Godzilla内存马
☆211Apr 26, 2022Updated 3 years ago
phith0n / zkar
View on GitHub
ZKar is a Java serialization protocol analysis tool implement in Go.
☆651Feb 15, 2025Updated last year
achuna33 / Memoryshell-JavaALL
View on GitHub
收集内存马打入方式
☆508May 20, 2022Updated 3 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
pen4uin / java-memshell-generator
View on GitHub
一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
☆2,177Aug 21, 2025Updated 7 months ago
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,473Apr 25, 2024Updated last year
JDArmy / NO445-lateral-movement
View on GitHub
command execute without 445 port
☆57Feb 25, 2022Updated 4 years ago
KimJun1010 / inspector
View on GitHub
IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）
☆584Mar 10, 2025Updated last year
cckuailong / JNDI-Injection-Exploit-Plus
View on GitHub
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…
☆873Jun 24, 2024Updated last year
Y4tacker / CodeqlLearn
View on GitHub
记录学习codeql的过程
☆10Jan 27, 2022Updated 4 years ago
uknowsec / SharpSQLTools
View on GitHub
SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
☆966Aug 5, 2021Updated 4 years ago