wh1t3p1g / ysoserial

Related projects ⓘ

Alternatives and complementary repositories for ysoserial

• Y4er / CVE-2020-2555
  Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
  ☆176Updated last year
• waderwu / attackRmi
  attackRmi
  ☆250Updated 4 years ago
• mhaskar / XMLDecoder-payload-generator
  A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec
  ☆149Updated 3 years ago
• 5up3rc / weblogic_cmd
  weblogic t3 deserialization rce
  ☆264Updated 7 years ago
• Y4er / CVE-2020-2551
  Weblogic IIOP CVE-2020-2551
  ☆333Updated 4 years ago
• mpgn / Spring-Boot-Actuator-Exploit
  Spring Boot Actuator (jolokia) XXE/RCE
  ☆317Updated 4 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 5 years ago
• Y4er / CVE-2020-2883
  Weblogic coherence.jar RCE
  ☆178Updated 4 years ago
• jas502n / solr_rce
  Apache Solr RCE via Velocity template
  ☆107Updated 4 years ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆100Updated 4 years ago
• wuppp / shiro_rce_exp
  Shiro RCE (Padding Oracle Attack)
  ☆142Updated 4 years ago
• random-robbie / cve-2020-0688
  cve-2020-0688
  ☆162Updated 4 years ago
• lalajun / RMIDeserialize
  RMI 反序列化环境 一步步
  ☆211Updated 4 years ago
• hvqzao / burp-wildcard
  Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
  ☆128Updated 3 years ago
• mogwailabs / mjet
  MOGWAI LABS JMX exploitation toolkit
  ☆197Updated last year
• mpgn / CVE-2019-7238
  🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
  ☆149Updated 5 years ago
• Imanfeng / Apache-Solr-RCE
  Apache Solr Exploits 🌟
  ☆336Updated 4 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 4 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆65Updated 5 years ago
• CHYbeta / OddProxyDemo
  ☆185Updated 6 months ago
• jas502n / CVE-2019-3396
  Confluence 未授权 RCE (CVE-2019-3396) 漏洞
  ☆145Updated 5 years ago
• Y4er / fastjson-bypass-autotype-1.2.68
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆223Updated 2 years ago
• Y4er / CVE-2020-14645
  Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()
  ☆79Updated 4 years ago
• TopScrew / CVE-2019-2725
  CVE-2019-2725命令回显+webshell上传+最新绕过
  ☆189Updated 5 years ago
• Al1ex / CVE-2020-36179
  CVE-2020-36179~82 Jackson-databind SSRF&RCE
  ☆81Updated 3 years ago
• QdghJ / burp_data_collector
  A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
  ☆89Updated 3 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆213Updated 4 years ago
• black-mirror / Weblogic
  Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行
  ☆68Updated 5 years ago