15 Repositories
Java poc Libraries
A PoC to obfuscate signed Minecraft chat in 1.19.1-pre4
obfchat-poc This PoC demonstrates how the chat can be obfuscated on the server, while remaining signed. This targets the Minecraft version 1.19.1-pre4
log4j2 rce、poc
Apache Log4j 2 Apache log4j2 开源日志组件远程代码执行 攻击者通过构造恶意请求,触发服务器log4j 2 日志组件的远程代码执行漏洞。漏洞无需特殊配置,经验证,最新版的补丁可以防护此问题 官方最新补丁: log4j-2.15.0-rc2 紧急处置方案 2.10 or 以上
Apache/Alibaba Dubbo = 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions = 2.7.6 With Different Gadgets
The 0xDABB of Doom - CVE-2021-25641-Proof-of-Concept Apache/Alibaba Dubbo = 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Da
Slueth(Zipkin) 를 통한 SQS Message Tracing POC(Proof of concept) 입니다.
Sleuth AWS SQS POC 해당 프로젝트는 Slueth(Zipkin) 를 통한 메시지 추적 POC(Proof of concept) 입니다. Rest API 를 통해 POST 요청을 받으면, 메시지를 발행/소비 합니다. 이 과정에서 유지되는 TraceId 를 확인
PoC for CVE-2021-31805 (Apache Struts2)
CVE-2021-31805 PoC for CVE-2021-31805 (Apache Struts2) CVE-2021-31805の解説記事で使用したアプリケーションです。 セットアップ $ docker-compose build $ docker-compose up -d 動作確認
spring-cloud-function SpEL RCE, Vultarget & Poc
spring-cloud-function SpEL RCE Vultarget You can build it for youself. here is the source of the Vuln App Or you can use the release which built by cc
LOG4J Java exploit - WAF and patches bypass tricks
🤝 Show your support - give a ⭐️ if you liked the content | SHARE on Twitter | Follow me on 🐱💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tr
An LDAP RCE exploit for CVE-2021-44228 Log4Shell
log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description The demo Tomcat 8 server on port 8080 has a vulnerable app (log4shell) deployed
Log4Shell sample vulnerable application (CVE-2021-44228)
Log4Shell sample vulnerable application (CVE-2021-44228)
LightAdmin - [PoC] Pluggable CRUD UI library for Java web applications
LightAdmin - [PoC] Pluggable CRUD UI library for Java web applications The primary goal of this PoC project is to speed up application development by
Log4J CVE-2021-44228 Minecraft PoC
CVE-2021-44228 in Minecraft Java 16 Paper server build #397 Minecraft 1.17.1 Exploitation In Java 16 only deserialization attacks work by default usin
Vert.x PoC for Project Loom Support
Vert.x Loom Wrapper Codegen This project contains a proof of concept implementation for a codegen wrapper API that provides virtual async-await suppor
POC showing how to divide endpoint(s) among different Open-API screens
Multiple Open-API groups: Spring boot POC showing how to divide endpoint(s) among different Open-API screens Demo Link (Select definition from top rig
🟪 DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
DeepfakeHTTP – Your 100% static dynamic backend DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses. What are people using it
The application is a PoC that helps in identifying modern bankers, potentially malicious and remote controlling applications abusing Android AccessibilityService.
Motivation Project aims to help in: identifying keyloggers and events hijacking malicious applications such as Anubis/TeaBot, identifying a "fake bank