jndi

Star

Here are 81 public repositories matching this topic...

qi4L / JYso

Star

JNDIExploit or a ysoserial.

java ldap attack rmi gadget web-security jndi ysoserial jndi-injection mem-shell middleware-echo

Updated Oct 31, 2024
Java

wuba / Antenna

Star

Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式，将不同漏洞场景检测能力通过插件的形式进行集合，通过与目标进行out-bind的数据通信方式进行辅助检测。

mysql python http ldap django ftp xss jsonp rmi cybersecurity antenna vulnerability-scanners jndi dnslog dns-rebinding oast

Updated Jun 6, 2023
JavaScript

cckuailong / JNDI-Injection-Exploit-Plus

Star

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

java exploit injection jndi ysoserial

Updated Jun 24, 2024
Java

Whoopsunix / JavaRce

Star

Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式

java serialization command jdbc expression rmi rce inject jndi vul rceecho memshell

Updated Sep 29, 2024
Java

X1r0z / JNDIMap

Star

JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK

java ldap jdbc rmi deserialize bypass jndi ldaps

Updated Oct 18, 2024
Java

r00tSe7en / JNDIMonitor

Star

一个LDAP请求监听器，摆脱dnslog平台

ldap jndi log4j2

Updated Apr 7, 2023
Java

0x727 / JNDIExploit

Star

一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。

exploit jndi exp jndiexploit

Updated Sep 6, 2022
Java

alexbakker / log4shell-tools

Star

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

dns ldap log4j jndi cve-2021-44228 log4shell cve-2021-45046

Updated Apr 7, 2024
Go

zhzyker / logmap

Star

Log4j jndi injection fuzz tool

injection fuzz-testing jndi log4j2 cve-2021-44228 log4shell cve-2021-45046

Updated Dec 24, 2021
Python

future-client / CVE-2021-44228

Star

Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :)

minecraft ldap exploit log4j rce jndi cve-2021-44228

Updated Dec 12, 2021
Java

For-ACGN / Log4Shell

Star

Check, exploit, generate class, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.

java ldap obfuscate acme exploits poc jndi log4j2 cve-2021-44228 log4shell log4j2-exp

Updated Dec 23, 2021
Go

pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack

mysql python java serialization ldap exploit jdbc rmi gadget poc shiro jndi jrmp jdk8u20 jdk7u21

Updated Nov 5, 2022
Python

HackJava / JNDI

Star

《JNDI-深入理解Java万恶之源》

jndi 0e0w hackjava

Updated Nov 13, 2023

Al1ex / CVE-2021-2109

Star

CVE-2021-2109 && Weblogic Server RCE via JNDI

rce jndi weblogic cve-2021-2109

Updated Jan 22, 2021
Java

juliojsb / jboss-cli-snippets-compilation

Star

A repository of Jboss CLI snippets

java cli snippets application-server redhat wildfly jboss datasource juliojsb jndi

Updated Jun 20, 2019

ChloePrime / fix4log4j

Star

ldap log4j minecraft-mod fix jndi 0day

Updated Dec 11, 2021
Java

ncredinburgh / secure-tomcat-datasourcefactory

Star

A drop in replacement for the standard Tomcat DataSourceFactory that allows the database connection password to be encrypted using a symmetric key for the purposes of security.

security encryption password tomcat datasource jndi

Updated Nov 10, 2019
Java

LoliKingdom / NukeJndiLookupFromLog4j

Star

Selection of ways to remove JndiLookup in now obsolete Minecraft versions, or versions that still have log4j < 2.10 and is unable to use `-Dlog4j2.formatMsgNoLookups=true`

java minecraft security exploit log4j rce jndi log4j2 jndi-lookups

Updated Dec 15, 2021
Java

rakutentech / jndi-ldap-test-server

Star

A minimalistic LDAP server that is meant for test vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228.

ldap log4j vulnerability-detection jndi log4j2

Updated Dec 13, 2021
Go

LeakIX / l9fuzz

Star

Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload

tcp log4j fuzzer jndi

Updated Dec 27, 2021
Go

Improve this page

Add a description, image, and links to the jndi topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the jndi topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

jndi

Here are 81 public repositories matching this topic...

qi4L / JYso

wuba / Antenna

cckuailong / JNDI-Injection-Exploit-Plus

Whoopsunix / JavaRce

X1r0z / JNDIMap

r00tSe7en / JNDIMonitor

0x727 / JNDIExploit

alexbakker / log4shell-tools

zhzyker / logmap

future-client / CVE-2021-44228

For-ACGN / Log4Shell

cokeBeer / pyyso

HackJava / JNDI

Al1ex / CVE-2021-2109

juliojsb / jboss-cli-snippets-compilation

ChloePrime / fix4log4j

ncredinburgh / secure-tomcat-datasourcefactory

LoliKingdom / NukeJndiLookupFromLog4j

rakutentech / jndi-ldap-test-server

LeakIX / l9fuzz

Improve this page

Add this topic to your repo