Found 17,532 repositories(showing 30)
threedr3am
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
JoyChou93
Java web common vulnerabilities and security code which is base on springboot and spring security
wyzxxz
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
qi4L
JNDIExploit or a ysoserial.
qtc-de
Java RMI Vulnerability Scanner
cckuailong
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
NickstaDB
Java RMI enumeration and attack tool.
wuba
Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。
Mongkii
基于 React Hooks 与 flex 布局,实现了大部分功能的思维导图。 / An almost-full-function Mindmap web app developed with only React Hooks and flex layout.
X1r0z
A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-version JDK restrictions
Whoopsunix
Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
ac0d3r
Hyuga is a tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding。🪤
AbelChe
Cola Dnslog v1.3.2 更加强大的dnslog平台/无回显漏洞探测辅助平台 完全开源 dnslog httplog ldaplog rmilog 支持dns http ldap rmi等协议 提供API调用方式便于与其他工具结合 支持钉钉机器人、Bark等提醒 支持docker一键部署 后端完全使用python实现 前端基于vue-element-admin二开
kohlschutter
Unix Domain Sockets for all Java versions 7 and newer (AF_UNIX), AF_TIPC, AF_VSOCK, and more
BishopFox
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
RuedigerMoeller
distributed Actors for Java 8 / JavaScript
longofo
rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
ZJULearning
This is the code for the NeurIPS 2019 paper Region Mutual Information Loss for Semantic Segmentation.
VoodooSMBus
Synaptic Trackpad driver over SMBus/I2C for macOS
waderwu
attackRmi
novysodope
rmi打内存马工具,适用于目标用不了ldap的情况
hikalkan
TCP Server/Client Communication and RMI Framework
sandeepmistry
No description available
A-D-Team
No description available
learnedsystems
The recursive model index, a learned index structure
lalajun
RMI 反序列化环境 一步步
realLiangshiwei
signalr core 小程序版客户端js
H4cking2theGate
Java反序列化/JNDI注入/恶意类生成工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。
singgel
干净的springboot-netty,google protocol buffer,根目录下我给你放了一本《Netty实战(精髓)》,test下关于同步回调和异步回调、JUC和NIO(RPC我也加进来了)的一些讲解的方法代码
f0ng
用于解决判断出网情况的问题,以http、ldap、rmi以及socket形式批量监听端口,在web界面进行结果查看