welk1n / JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
☆478Updated 4 years ago
Alternatives and similar repositories for JNDI-Injection-Bypass:
Users that are interested in JNDI-Injection-Bypass are comparing it to the libraries listed below
- Weblogic IIOP CVE-2020-2551☆333Updated 5 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆317Updated 4 years ago
- forked from frohoff/ysoserial and added my own payloads.☆151Updated 5 years ago
- A tiny project for generating SnakeYAML deserialization payloads☆591Updated 6 years ago
- Redis 4.x/5.x RCE☆541Updated 4 years ago
- An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability☆467Updated last year
- A malicious LDAP server for JNDI injection attacks☆319Updated 3 years ago
- Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>☆261Updated 2 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆705Updated 4 years ago
- Tools, utilities and scripts to help you write redis modules!☆277Updated 10 months ago
- Java RCE 回显测试代码☆1,011Updated 4 years ago
- CVE-2021-21972 Exploit☆491Updated last year
- Apache Solr Exploits 🌟☆340Updated 4 years ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆611Updated 2 months ago
- Remote Code Injection In Log4j☆464Updated 3 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Updated 2 years ago
- Tomcat-Ajp协议文件读取漏洞☆775Updated 5 years ago
- MySQL fake server for read files of connected clients☆598Updated 7 years ago
- Redis 4.x & 5.x RCE☆141Updated 5 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆309Updated 2 years ago
- a webshell resides in the memory of java web server☆671Updated 6 years ago
- 利用链、漏洞检测工具☆367Updated 8 months ago
- JDBC Connection URL Attack☆408Updated 3 years ago
- redis ssrf gopher generater & redis ssrf to rce by master-slave-sync☆85Updated 4 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆515Updated 4 years ago
- weblogic t3 deserialization rce☆270Updated 7 years ago
- redis 4.x/5.x master/slave getshell module☆364Updated 5 years ago
- A helpful Java Deserialization exploit framework.☆1,210Updated 2 months ago
- Shiro-721 RCE Via RememberMe Padding Oracle Attack☆260Updated 4 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆352Updated 3 years ago