wupco / PHP_INCLUDE_TO_SHELL_CHAR_DICT
☆330Updated 2 years ago
Alternatives and similar repositories for PHP_INCLUDE_TO_SHELL_CHAR_DICT:
Users that are interested in PHP_INCLUDE_TO_SHELL_CHAR_DICT are comparing it to the libraries listed below
- dotnet 反序列化学习笔记☆451Updated last year
- A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.☆282Updated 9 months ago
- exec BashCommand with only ! # $ ' ( ) < \ { } just 10 charset used in Bypass or CTF☆228Updated 7 months ago
- Automatically converts Python source code to Pickle opcode☆144Updated 2 months ago
- 80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…☆778Updated 9 months ago
- JDBC Connection URL Attack☆406Updated 3 years ago
- JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, inclu…☆392Updated 5 months ago
- ☆137Updated 9 months ago
- 关于我在CTF中的所有东西☆360Updated 6 months ago
- CTF中任意文件读取的fuzz列表 (Arbitrary file read fuzz list in CTF)☆259Updated 3 years ago
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆423Updated 2 months ago
- CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段☆250Updated 3 months ago
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆710Updated 2 years ago
- A plugin for CTFd which allow your users to deploy a standalone instance for challenges.☆235Updated 11 months ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆696Updated 3 years ago
- ☆504Updated 2 years ago
- ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。☆670Updated last year
- Collections of CTF-WEB-challs mainly for review purpose.☆31Updated last year
- 自动化的 Python 沙箱逃逸 payload bypass 框架 / Automated Python Sandbox Escape Payload Bypass Framework☆68Updated 3 months ago
- 【Hello-CTF labs】一个想帮你收集所有RCE技巧的靶场。☆214Updated this week
- javaDeserializeLabs☆66Updated last year
- CodeQL extractor for java, which don't need to compile java source☆337Updated 2 years ago
- Java RCE 回显测试代码☆1,011Updated 4 years ago
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆507Updated 3 weeks ago
- Linux Eelvation(持续更新)☆395Updated 2 years ago
- Deployment template for docker target machine in ctf for CTFd and other platforms that support dynamic flags☆285Updated last week
- 利用链、漏洞检测工具☆367Updated 7 months ago
- A lab to help you learning SSTI☆101Updated last year
- Archive of attachments from previous CTF competitions☆97Updated last year
- 2020年CTF赛题仓库-第一部分☆156Updated 4 years ago