xcanwin / CVE-2023-4357-Chrome-XXE
[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.
☆214Updated last month
Alternatives and similar repositories for CVE-2023-4357-Chrome-XXE
Users that are interested in CVE-2023-4357-Chrome-XXE are comparing it to the libraries listed below
Sorting:
- Chrome-RCE-Poc☆83Updated 8 months ago
- 闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数☆452Updated last month
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆363Updated 3 weeks ago
- ebpf WebShell/内核马,一种新型内核马/WebShell技术☆331Updated last year
- RDL的堆溢出导致的RCE☆214Updated 9 months ago
- Extract website information from Vue☆269Updated last year
- nginx WebShell/内存马,更优雅的nignx backdoor☆305Updated last year
- [漏洞复现] 全球首款利用PHP默认环境(XAMPP)的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP。☆147Updated 9 months ago
- 让"WAF绕过"变得简单☆373Updated 3 months ago
- WPS-Office 1-Click RCE exp 202308091546☆140Updated last year
- 愿我的努力与付出,能成为你向上攀登的基石。要是10年前有人告诉我这些就好了。☆241Updated 4 months ago
- Docker容器逃逸工具(Docker Escape Tools)☆273Updated 2 years ago
- Java Js Engine Payloads All in one☆271Updated last year
- Java web路由内存分析工具☆431Updated 5 months ago
- 入侵痕迹清理/Cleaning up traces of intrusion☆209Updated 6 months ago
- WPS Office RCE On 2023-08-10☆249Updated last year
- 利用oss实现http转发/cobalt strike上线☆351Updated 2 years ago
- ☆146Updated 11 months ago
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆510Updated 2 months ago
- dotnet 反序列化学习笔记☆457Updated last year
- 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新☆37Updated 3 years ago
- The container escape challenge of Be A RWCTFer competition (https://be-a-rwctfer.realworldctf.com/)☆61Updated last month
- 不那么一样的 Java Agent 内存马☆263Updated last year
- IoT_Vulnerability_Wiki IoT漏洞知识库☆197Updated 4 months ago
- 不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。☆119Updated last year
- 一款基于污点分析的PHP扫描工具,能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径,同时支持单独对函数的扫描。☆118Updated last month
- CVE-2023-0386 analysis and Exp☆117Updated 2 years ago
- 使用分支对抗技术制作的PHP Webshell,截止2024年1月18日,共数十个查杀引擎免杀☆294Updated last year
- CVE-2022-2639 Linux kernel openvswitch local privilege escalation☆108Updated 2 years ago
- 2023白帽补天大会部分代码☆124Updated last year