Alternatives and similar repositories for shiro_rce_exp

Users that are interested in shiro_rce_exp are comparing it to the libraries listed below

• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆102Updated 5 years ago
• jas502n / SHIRO-550
  Shiro RememberMe 1.2.4 反序列化 漏洞
  ☆55Updated 5 years ago
• uknowsec / BurpSuite-Extender-fastjson
  Reference：https://www.w2n1ck.com/article/44/
  ☆155Updated 5 years ago
• jas502n / SHIRO-721
  RememberMe Padding Oracle Vulnerability RCE
  ☆71Updated 5 years ago
• kingkaki / Exploit-scripts
  存放一些自己写过的漏洞利用脚本
  ☆48Updated 6 years ago
• jas502n / e-cology
  e-cology OA_Beanshell_RCE
  ☆83Updated 5 years ago
• momika233 / Joomla-3.4.6-RCE
  Joomla 3.4.6 – Remote Code Execution
  ☆110Updated last year
• shengqi158 / Jackson-databind-RCE-PoC
  ☆82Updated 7 years ago
• 1c3z / fileleak
  又一款敏感文件泄漏检测工具
  ☆105Updated 5 years ago
• jas502n / CVE-2019-2888
  WebLogic EJBTaglibDescriptor XXE漏洞(CVE-2019-2888)
  ☆59Updated 5 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆67Updated 5 years ago
• StarkChristmas / Shiro_exploit
  Apache Shiro Java Analysis and Utilization of Deserialization Vulnerabilities
  ☆41Updated 5 years ago
• Qclover / jsspider
  A js infomation dig tool.
  ☆69Updated 5 years ago
• iSafeBlue / fastjson-autotype-bypass-demo
  fastjson 1.2.68 版本 autotype bypass
  ☆141Updated 3 years ago
• Tycx2ry / docker_api_vul
  docker 未授权访问漏洞利用脚本
  ☆139Updated 9 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 5 years ago
• 0xzmz / burpsuite_jsapi
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆115Updated 2 years ago
• SecurityCN / Vulnerability-analysis
  ☆62Updated 5 years ago
• black-mirror / Weblogic
  Weblogic CVE-2019-2725 CVE-2019-2729 Getshell 命令执行
  ☆69Updated 6 years ago
• aRe00t / rce-over-spark
  Remote Command Execution Over Spark
  ☆97Updated 7 years ago
• c26root / hb
  Fast http batch request tool
  ☆105Updated 2 years ago
• Artemis1029 / Java_xmlhack
  帮助java环境下任意文件下载情况自动化读取源码的小工具
  ☆166Updated 6 years ago
• we1h0 / SiteServer-CMS-Remote-download-Getshell
  SiteServer CMS 5.x远程模板下载Getshell漏洞
  ☆68Updated 5 years ago
• TheKingOfDuck / paramFuzzer
  一款高效的参数fuzz工具|A faster param fuzzing test tool
  ☆102Updated 4 years ago
• is101101 / sqlmap_chunked_proxy
  sqlmap分块传输代理
  ☆49Updated 6 years ago
• guimaizi / testing_wave
  ☆58Updated 5 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆213Updated 5 years ago
• jas502n / CVE-2019-3396
  Confluence 未授权 RCE (CVE-2019-3396) 漏洞
  ☆144Updated 5 years ago
• r35tart / RedisDirScan
  此脚本用于测试 Rdies 未授权访问，在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下，进行WEB目录探测
  ☆73Updated 6 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 6 years ago