Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
☆42Jan 22, 2016Updated 10 years ago
Alternatives and similar repositories for jndipoc
Users that are interested in jndipoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116May 17, 2019Updated 6 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Apr 14, 2016Updated 9 years ago
- Simple socket-based gateway to the Burp Collaborator☆34Nov 23, 2016Updated 9 years ago
- ☆10Aug 8, 2015Updated 10 years ago
- A static byte code analyzer for Java deserialization gadget research☆251Apr 17, 2017Updated 8 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- java unserialize vulnerability payload☆21Apr 20, 2019Updated 6 years ago
- JAVA Vul Code JAVA常见漏洞与防御代码示例☆10Sep 18, 2018Updated 7 years ago
- POC for XStream RCE☆13Dec 23, 2013Updated 12 years ago
- SSH Ranking system! :D (re-write of ssh-fail-watcher)☆26Dec 20, 2014Updated 11 years ago
- 一款存储HTTP请求入库的burpsuite插件☆29Apr 8, 2018Updated 7 years ago
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 9 years ago
- A fake JDBC driver that allows OS command execution.☆125Oct 2, 2022Updated 3 years ago
- Scan SSL based TCP services, ips, ports and network ranges to obtain certificate expiry data. Get automated alerts about certificates exp…☆29Feb 20, 2016Updated 10 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813☆68Feb 22, 2020Updated 6 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Mar 25, 2020Updated 6 years ago
- JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfiguratio…☆126Jan 20, 2025Updated last year
- A semi fast tool to bruteforce values of LDAP injections over HTTP.☆14Dec 4, 2013Updated 12 years ago
- Uses InstallUtil.exe to load a compatible executable from a network share.☆12Mar 8, 2016Updated 10 years ago
- laravel 5.8 rce pop chain☆26Oct 27, 2019Updated 6 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A plugin to check xss by using chrome_headless☆52Sep 17, 2018Updated 7 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- An evolving hacking framework written in python☆11Jan 11, 2015Updated 11 years ago
- A webshell connection tool with customized WAF bypass payloads☆125Sep 12, 2018Updated 7 years ago
- ☆85Dec 6, 2019Updated 6 years ago
- Burp extension for decoding WCF-gzipped requests.☆12Jan 25, 2016Updated 10 years ago
- Example code for following along with my "Broken, Abandoned, and Forgotten Code" blog series☆25Aug 19, 2018Updated 7 years ago
- Scan networks for HTTP servers, do stuff when you find them.☆13Sep 11, 2017Updated 8 years ago
- Utilities for creating Burp Suite Extensions.☆21Oct 31, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆34Jul 17, 2019Updated 6 years ago
- PoC to tunnel the Meterpreter reverse HTTP shell over RDP Virtual Channels☆67Feb 23, 2015Updated 11 years ago
- Struts2 vuln env☆43Dec 6, 2022Updated 3 years ago
- Apache Solr Injection Research☆580Jan 28, 2020Updated 6 years ago
- some java code i met or i used☆29May 7, 2019Updated 6 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- A simple dns resolver of dns-record and web-record log server for pentesting☆133Nov 7, 2017Updated 8 years ago