jndi

Star

Here are 62 public repositories matching this topic...

qi4L / JYso

Star

JNDIExploit or a ysoserial.

java ldap attack rmi gadget web-security jndi ysoserial jndi-injection mem-shell middleware-echo

Updated Nov 1, 2024
Java

cckuailong / JNDI-Injection-Exploit-Plus

Star

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

java exploit injection jndi ysoserial

Updated Jun 24, 2024
Java

Whoopsunix / JavaRce

Star

Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式

java serialization command jdbc expression rmi rce inject jndi vul rceecho memshell

Updated Sep 29, 2024
Java

X1r0z / JNDIMap

Star

JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK

java ldap jdbc rmi deserialize bypass jndi ldaps

Updated Oct 18, 2024
Java

r00tSe7en / JNDIMonitor

Star

一个LDAP请求监听器，摆脱dnslog平台

ldap jndi log4j2

Updated Apr 7, 2023
Java

0x727 / JNDIExploit

Star

一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。

exploit jndi exp jndiexploit

Updated Sep 6, 2022
Java

future-client / CVE-2021-44228

Star

Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :)

minecraft ldap exploit log4j rce jndi cve-2021-44228

Updated Dec 12, 2021
Java

Al1ex / CVE-2021-2109

Star

CVE-2021-2109 && Weblogic Server RCE via JNDI

rce jndi weblogic cve-2021-2109

Updated Jan 22, 2021
Java

ChloePrime / fix4log4j

Star

ldap log4j minecraft-mod fix jndi 0day

Updated Dec 11, 2021
Java

ncredinburgh / secure-tomcat-datasourcefactory

Star

A drop in replacement for the standard Tomcat DataSourceFactory that allows the database connection password to be encrypted using a symmetric key for the purposes of security.

security encryption password tomcat datasource jndi

Updated Nov 10, 2019
Java

LoliKingdom / NukeJndiLookupFromLog4j

Star

Selection of ways to remove JndiLookup in now obsolete Minecraft versions, or versions that still have log4j < 2.10 and is unable to use `-Dlog4j2.formatMsgNoLookups=true`

java minecraft security exploit log4j rce jndi log4j2 jndi-lookups

Updated Dec 15, 2021
Java

ZhangZiSheng001 / dbcp-demo

Star

源码详解系列(四) ------ DBCP2的使用和分析（包括JNDI和JTA支持）

datasources jta jndi dbcp

Updated May 17, 2021
Java

gayanukabulegoda / AAD-Lesson-Code-Space

Star

Explore the Advanced API Development (AAD) Code Space, featuring in-depth lessons on Jakarta EE, JSON, AJAX, Spring, and security topics. Each lesson is organized into distinct branches, providing practical code examples and real-world scenarios. Dive into comprehensive resources to enhance your API development skills.