wupco / PHP_INCLUDE_TO_SHELL_CHAR_DICTLinks
☆349Updated 2 years ago
Alternatives and similar repositories for PHP_INCLUDE_TO_SHELL_CHAR_DICT
Users that are interested in PHP_INCLUDE_TO_SHELL_CHAR_DICT are comparing it to the libraries listed below
Sorting:
- dotnet 反序列化学习笔记☆512Updated 2 years ago
- Automatically converts Python source code to Pickle opcode☆160Updated last year
- A plugin for CTFd which allow your users to deploy a standalone instance for challenges.☆242Updated last year
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆753Updated 3 years ago
- Collections of CTF-WEB-challs mainly for review purpose.☆30Updated 2 years ago
- CTF中任意文件读取的fuzz列表 (Arbitrary file read fuzz list in CTF)☆275Updated 3 years ago
- 80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…☆866Updated last year
- 自动化的 Python 沙箱逃逸 payload bypass 框架 / Automated Python Sandbox Escape Payload Bypass Framework☆99Updated last year
- 关于我在CTF中的所有东西☆418Updated 3 months ago
- javaDeserializeLabs☆70Updated 2 years ago
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF�☆258Updated last year
- CodeQL extractor for java, which don't need to compile java source☆349Updated 3 years ago
- Linux Eelvation(持续更新)☆408Updated 3 years ago
- ☆161Updated last year
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆751Updated 4 years ago
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆323Updated last year
- A tiny project for generating SnakeYAML deserialization payloads☆625Updated 3 months ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆631Updated 11 months ago
- JDBC Connection URL Attack☆437Updated 4 years ago
- ☆520Updated 3 years ago
- Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()☆500Updated last year
- ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。☆747Updated 2 years ago
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆500Updated this week
- docker container escape check || Docker 容器逃逸检测☆651Updated 3 years ago
- CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2…☆279Updated 2 years ago
- 记录学习codeql的过程☆394Updated 2 years ago
- A lab to help you learning SSTI☆117Updated 2 years ago
- Unicode fuzzer for various purposes☆49Updated 4 years ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆563Updated 2 months ago
- A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…☆556Updated last month