本工具的定位是快速生成Java安全相关的Payload,如内存马、反序列化链、JNDI url、Fastjson等,动态生成相关Payload,并附带相应的文档。
☆93Feb 25, 2025Updated last year
Alternatives and similar repositories for GenerateNoHard
Users that are interested in GenerateNoHard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- My script to Prepare for the OSCP exam.I write some useful script by own or refere others and modify☆17Oct 24, 2021Updated 4 years ago
- Java agent without file 无文件的Java agent☆82Apr 7, 2022Updated 3 years ago
- 之前的个人wiki。现在用 Blog 的形式来写了。这个wiki就放在这里吧。希望里面的内容能帮助到别人。☆10Apr 2, 2020Updated 5 years ago
- 子域名收集和整理脚本、配合Oneforall食用更佳☆11May 10, 2020Updated 5 years ago
- Mybb associate CVE-2021-27890 & CVE-2021-27889 to RCE poc☆10Mar 25, 2021Updated 4 years ago
- Java应用的一些配置文件字典,来源于公开的字典与平时收集☆320Feb 1, 2024Updated 2 years ago
- Some traffic encryption webshell and encoder for AntSword. 蚁剑流量加密马及编码器☆75Dec 5, 2020Updated 5 years ago
- 基于BurpShiroPassiveScan修改增加了Xray回显链生成☆56Sep 6, 2022Updated 3 years ago
- Java web路由内存分析工具☆438May 22, 2025Updated 10 months ago
- fastjson不出网利用、c3p0☆256Jul 30, 2021Updated 4 years ago
- 内存马持久化☆59May 19, 2022Updated 3 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆270Mar 4, 2022Updated 4 years ago
- 用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc☆125Oct 12, 2024Updated last year
- ☆309Feb 27, 2025Updated last year
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆462Jan 12, 2025Updated last year
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆242Nov 25, 2022Updated 3 years ago
- ☆21Oct 7, 2022Updated 3 years ago
- 用Java agent实现内存马等功能☆198Jul 27, 2023Updated 2 years ago
- JNDI在java高版本的利用工具,FUZZ利用链☆597Oct 8, 2022Updated 3 years ago
- Spring Actuator端点的BurpSuite被动扫描插件。☆202Nov 2, 2022Updated 3 years ago
- 自己积累的一些Java反序列化利用链☆91Feb 27, 2023Updated 3 years ago
- rmi打内存马工具,适用于目标用不了ldap的情况☆253Jul 12, 2023Updated 2 years ago
- 域内自动化信息搜集利用工具☆468Oct 24, 2023Updated 2 years ago
- 连接eval一句话webshell,获得可交互的虚拟终端☆97Sep 7, 2022Updated 3 years ago
- OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。☆676Dec 30, 2022Updated 3 years ago
- 通过正则搜索、批量反编译特定Jar包中的class名称☆321Dec 9, 2021Updated 4 years ago
- java反序列化学习笔记☆16Nov 17, 2021Updated 4 years ago
- JavaGadgetGenerator 工具,支持 ysoserial,Hessian,字节码,Expr/SSTI,Shiro,JDBC 等 Gadget 生成,封装,混淆,出网延迟探测,内存马注入等...☆552Dec 7, 2025Updated 3 months ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆544Mar 6, 2025Updated last year
- JavaPassDump☆273Jan 7, 2022Updated 4 years ago
- Java命令行文件监控小工具(代码审计)☆106Nov 29, 2021Updated 4 years ago
- 建议使用新版:https://github.com/jar-analyzer/jar-analyzer☆897Nov 30, 2023Updated 2 years ago
- 这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具,能够执行shell命令,可以执行webshell☆78May 7, 2023Updated 2 years ago
- Java表达式语句生成器☆194Oct 9, 2023Updated 2 years ago
- 🚀 一款为了学习go而诞生的漏洞利用工具☆451Jun 14, 2022Updated 3 years ago
- 一个垃圾利用工具,半自动发包机器☆228Sep 8, 2022Updated 3 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- Java RCE 回显测试代码☆1,015Oct 15, 2020Updated 5 years ago