w181496 / FuckFastcgi
[Tool] Forge PHP FastCGI protocol to RCE with strict disable_functions
☆61Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for FuckFastcgi
- ☆78Updated 3 years ago
- Java After-Deserialization Attack☆79Updated 3 years ago
- redis ssrf gopher generater & redis ssrf to rce by master-slave-sync☆81Updated 4 years ago
- django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC☆104Updated 4 years ago
- ☆111Updated 4 years ago
- PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.☆62Updated 2 years ago
- ☆39Updated 6 years ago
- ☆44Updated 6 years ago
- To solve some readflag situation in ctfs☆34Updated 3 years ago
- Writeup and environment for XCTF2021Final-Dubbo☆45Updated 3 years ago
- Rusty Joomla RCE Exploit☆70Updated last year
- bypass JEP290 RaspHook code☆62Updated 4 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Updated 4 years ago
- A modified reGeorg for One-line PHP Shell.☆86Updated 6 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆90Updated 5 years ago
- ☆58Updated 4 years ago
- Dockerfile for hitcon☆53Updated 6 years ago
- Unicode fuzzer for various purposes☆45Updated 2 years ago
- GitLab 11.4.7 SSRF配合redis远程执行代码☆123Updated 5 years ago
- Stick to it☆31Updated 3 years ago
- attackRmi☆250Updated 4 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆49Updated 3 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Updated 5 years ago
- Redis 4.x & 5.x RCE☆139Updated 5 years ago
- RMI 反序列化环境 一步步☆211Updated 4 years ago
- exploit Apache Flink Web Dashboard unauth rce on right way by python2 scripts☆89Updated 5 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆101Updated 4 years ago