Huijietong_cloud_video_list_Information_leakage.go Hysine-webtalk-defaulte-password-vulnerability.json IBM-Spectrum-Protect-Plus-hostname-rce.json IBM-Spectrum-Protect-Plus-username-rce.json IBM-WebSphere-Application-Server-Deserialization-RCE-(CVE-2020-4450).json IFW8-Enterprise-...
This branch is 2992 commits behind nomi-sec/PoC-in-GitHub:master.Folders and filesLatest commit motikan2010-bot Auto Update 2022/09/15 06:17:57 16261cd· Sep 15, 2022 History3,994 Commits 1999 Auto Update 2022/09/03 00:20:55 Sep 3, 2022 ...
redis-rce:redis主从复制rce的go版本,可独立编译使用【支持执行命令+上传文件】 Fastjson-Gadgets-Automatic-Scanner:Python 编写的扫码 jar 包里的 fastjson 利用链 AgentInjectTool:改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能 ByPassBehinder4J:冰蝎Java WebShell免杀生成 ecapture:通过 hook ebpf 技术,无...
AceNet_AceReporter_Report_component_Arbitrary_file_download.go Add files via upload May 25, 2023 ActiveMQ-Deserialization-Vulnerability-(CVE-2015-5254).json ActiveMQ-Deserialization-Vulnerability-(CVE-2015-5254).json Add files via upload May 25, 2023 Active_UC_index.action_RCE.json Active_UC_index...
fastjson-c3p0:fastjson不出网利用、c3p0 awsKeyTools:aws云平台 accessKey 泄漏利用工具 goqifrp:frp的修改版-去除特征流量免杀信息隐藏 Diamorphine:LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64) Gobypass:golang 加载器免杀 frp-modify:frp0.38.1 支持域前置、远程加载配置文...
IBM WebSphere Application Server Deserialization RCE (CVE-2020-4450) IceWarp mail system Local File Inclusion IceWarp WebClient basic RCE iDVR system file traversal IFW8 Enterprise router v4.31 Password leakage IFW8 Enterprise router v4.31 Password leakage IFW8 Router ROM v4.31 Credential Discovery ...
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath. Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box configurations. ...
fastjson-c3p0:fastjson不出网利用、c3p0 awsKeyTools:aws云平台 accessKey 泄漏利用工具 goqifrp:frp的修改版-去除特征流量免杀信息隐藏 Diamorphine:LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64) Gobypass:golang 加载器免杀 frp-modify:frp0.38.1 支持域前置、远程加载配置文...
redis-rce:redis主从复制rce的go版本,可独立编译使用【支持执行命令+上传文件】 Fastjson-Gadgets-Automatic-Scanner:Python 编写的扫码 jar 包里的 fastjson 利用链 AgentInjectTool:改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能 ByPassBehinder4J:冰蝎Java WebShell免杀生成 ecapture:通过 hook ebpf 技术,无...
内存马注入)|MYJNDIExploit:一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用|jndi_tool:JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce...