Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About

Search results for java exploitation

exploitation x
java x
26 search results found
Ysoserial ⭐ 7,002
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Androrat ⭐ 2,423
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
Jndi Injection Exploit ⭐ 2,161
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Springbootexploit ⭐ 1,692
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用
Springbootvulexploit ⭐ 1,631
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Jexboss ⭐ 1,470
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Ysomap ⭐ 1,045
A helpful Java Deserialization exploit framework.
As Exploits ⭐ 830
中国蚁剑后渗透框架
Hack Tools ⭐ 764
hack tools
Cve 2021 44228 Poc Log4j Bypass Words ⭐ 611
🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Java Deserialization Exploits ⭐ 562
A collection of curated Java Deserialization Exploits
Pentestdb ⭐ 523
WEB渗透测试数据库
Rucky ⭐ 402
A simple to use USB HID Rubber Ducky Launch Pad for Android.
Jndi Injection Exploit Plus ⭐ 374
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
Jmet ⭐ 312
Java Message Exploitation Tool
Disruptor ⭐ 270
Disruptor BlockingQueue
Rmiscout ⭐ 254
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Anarchyexploitfixes ⭐ 247
Fix exploits on anarchy Minecraft servers
Shellver ⭐ 229
Reverse Shell Cheat Sheet TooL
Navex ⭐ 191
Personal_script ⭐ 179
Weblogic_unserialize_exploit ⭐ 169
java unserialize vul for weblogic exploit
Log4j Rce Proof Of Concept ⭐ 166
Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information
Deserlab ⭐ 157
Java deserialization exploitation lab.
Leaky Leaky ⭐ 152
[PATCHED] Exploit that allows one to authenticate as any user in Minecraft
Ntrghidra ⭐ 140
A Nintendo DS binary loader for Ghidra
Spring Boot Actuator Exploit ⭐ 139
Spring Boot Actuator (jolokia) XXE/RCE
Mjet ⭐ 138
Mogwai Java Management Extensions (JMX) Exploitation Toolkit
Drozer Modules ⭐ 121
Java Deserialization Exploit ⭐ 117
Cve 2018 11776 Python Poc ⭐ 115
Working Python test and PoC for CVE-2018-11776, includes Docker lab
Illegalstack ⭐ 104
A spigot based plugin dedicated to fixing glitches and exploits that have made it into final Minecraft releases.
Javapayload ⭐ 103
JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
Jackson Rce Via Spel ⭐ 101
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
Springcore 0day En ⭐ 96
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.
Richsploit ⭐ 95
Exploitation toolkit for RichFaces
Dumlracer ⭐ 89
Root Exploit for DJI Drones and Controllers (up to and including v01.04.0200)
React Native Webview Js Context ⭐ 87
Utilize the JavaScript VM running inside an iOS UIWebView to exploit libraries targeting the DOM (e.g. Google Charts)
Tomcat Webshell Application ⭐ 85
A webshell application and interactive shell for pentesting Apache Tomcat servers.
Coldfusionpwn ⭐ 84
Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
Paperbin ⭐ 81
An experiment at improving the performance of PaperMC
Equationexploit ⭐ 71
Eternalblue Doublepulsar exploit
Exserial ⭐ 65
Java Untrusted Deserialization Exploits Tools
Xhunter ⭐ 63
Android Penetration Tool [ RAT for Android ]
Loubia ⭐ 55
Python script to exploit java unserialize on t3 (Weblogic)
Ysoserial Modified ⭐ 53
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
Snk Rat Php Rat ⭐ 52
fully advance and powerful android rat 2023 no port forwarding needed
Jndiexploit ⭐ 52
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
Universalandroot ⭐ 51
One click and your Android device is rooted !
Break Fast Serial ⭐ 49
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Demonhunter_exploitkit ⭐ 47
Source code to the Malicious Demon Hunter Exploit Kit
Cve 2018 2380 ⭐ 45
PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM
Jshodan ⭐ 43
Powerful Shodan API client using RxJava and Retrofit
Confiscate ⭐ 39
Discover duplication glitches, abusive staff giving items, x-ray or simply poor server economy.
Cve 2018 14667 ⭐ 38
All about CVE-2018-14667; From what it is to how to successfully exploit it.
Helepolis ⭐ 35
Android based APT exploitation framework
Lgpwn ⭐ 31
LG Root Exploit
Longtime Sunshine ⭐ 28
Nashorn Post Exploitation
Nekito ⭐ 26
Open-Source Crash client based on Niko by @narumii
Pixeldump_cve 2016 8462 ⭐ 26
Pixel bootlaoder exploit for reading flash storage
Burp Vulners Scanner ⭐ 25
Burp scanner plugin based on Vulners.com vulnerability database
Remote Code Execution Sample ⭐ 24
Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
Wlt3serial ⭐ 24
Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
Niko ⭐ 24
Small crash client base for retarded(german) people who steal other people's code.
Cve 2017 10366_peoplesoft ⭐ 23
CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit
Cve 2022 35405 ⭐ 23
ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit
Jndi Injection Exploit ⭐ 22
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Ctf ⭐ 21
CTF programs and writeups
Pyyso ⭐ 20
pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack
Cve 2020 17530 ⭐ 20
S2-061 CVE-2020-17530
Cloak And Dagger ⭐ 19
An overlay attack example
Sentey ⭐ 19
Protect your Spigot server by blocking unknown BungeeCord and Velocity proxies and checking for invalid IP forwarding addresses.
Googlephotos Filestorage ⭐ 18
Exploiting Google Photos' unlimited photo storage
Mwr Android ⭐ 18
A collection of utilities for Android applications.
Xstreamserver ⭐ 17
RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
Log4shell ⭐ 17
Check, exploit, generate class, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.
Afeserver ⭐ 17
tcpip based server which interacts with AFE
Java Web Vulnerabilities ⭐ 16
Plattform to develop and experiment with existing java web attacks.
Jdjitools ⭐ 16
Java DJI Tools
Tomcat_jmx_rce ⭐ 16
Mermaid ⭐ 15
Generate customized and undetectable exploits for Metasploit.
Lodreclib ⭐ 15
lodreclib is a Java library to build recommendation engines which exploit the information encoded in Linked (Open) Data datasets.
Confluence Hack ⭐ 14
CVE-2023-22515
Burritoroot ⭐ 14
Root Exploit by TeamAndIRC, released to root the Kindle Fire 6.2.1
No1seandrorat Android Remote Administration Tool Rat ⭐ 14
no1seAndroRAT is a remote access tool that utilizes msfvenom and apktool, all in one script for your convenience.
Tickshift ⭐ 13
The code for the TickShift exploit
Beefstrike ⭐ 13
Penetration testing bot for BeEF and Armitage/Cobalt Strike integration.
Exploitsx ⭐ 12
ExploitsX is a top-of-the-line constantly updated exploit fixer focused on patching bugs, lag glitches, and crash glitches for minecraft servers. It supports versions 1.8 through 1.17.
Ubersploits ⭐ 12
DJI NFZ payload delivery client (plus root exploit :)
Exploitpack ⭐ 11
Exploit Pack - Project
Log4j Poc ⭐ 11
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell
Lost Phone Tracker App ⭐ 11
GPS or GSM tracker for Android - if your phone has been stolen
Nukejndilookupfromlog4j ⭐ 10
Selection of ways to remove JndiLookup in now obsolete Minecraft versions, or versions that still have log4j < 2.10 and is unable to use `-Dlog4j2.formatMsgNoLookups=true`
Cve 2017 5638 ⭐ 10
cve-2017-5638 Vulnerable site sample
Cve 2022 1388 ⭐ 10
F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB
Spring Break_cve 2017 8046 ⭐ 10
This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).
Templar Cosmetics Beta ⭐ 10
Various cosmetics exploits for Minecraft 1.12.2, specifically for the server 2b2t.org
Spring Boot Actuator Cloud Vul ⭐ 10
Spring Boot Actuator + Spring Cloud Vul Env
Groovy 2.4.5 Exploit ⭐ 10
Vulnerability Java Samples ⭐ 10
Sample exploits of common vulnerabilities in Java librarires
Related Searches
Java Spring (21,350)
Java Spring Boot (11,982)
Java Video Game (8,093)
Java Gradle (8,072)
Java Docker (6,180)
Java Database (6,015)
Java Mysql (5,954)
Java Sdk (5,864)
Java Server (5,794)
Javascript Java (5,468)
1-26 of 26 search results
Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source.  All rights reserved.