Ape1ron / FastjsonInDeserializationDemo1Links
高版本Fastjson在Java原生反序列化中的利用演示
☆26Updated last year
Alternatives and similar repositories for FastjsonInDeserializationDemo1
Users that are interested in FastjsonInDeserializationDemo1 are comparing it to the libraries listed below
Sorting:
- 方便自己搭建codeql环境和数据库的工具。☆64Updated 5 months ago
- 在spring-aop中新发现的反序列化gadget-chain☆52Updated last year
- A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.☆79Updated last year
- Java Chains 插件编写 demo☆14Updated 11 months ago
- ☆18Updated last year
- Java bytecode line number restoration tool☆132Updated 5 months ago
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆39Updated last year
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆71Updated last year
- 基于污点分析和模拟栈帧技术的JSP Webshell检测☆48Updated 4 months ago
- ☆29Updated 2 years ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Updated last year
- Hessian UTF-8 Overlong Encoding☆21Updated last year
- 用于快速启动tabby 分析漏洞或者gadget的环境☆95Updated 6 months ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Updated 2 years ago
- memory-shell for hook tcp connection and impl origin socks5 proxy☆42Updated 6 months ago
- ☆109Updated last month
- Netty/WebFlux 内存马☆26Updated 2 years ago
- Java JDK 8-18 CodeQL databases☆17Updated last year
- 在xxe中使用smb外带多行内容☆101Updated 3 months ago
- ☆22Updated 11 months ago
- Easy burp sign extension!☆56Updated last year
- Apache Dubbo漏洞测试Demo及其POC☆65Updated 2 years ago
- 利用代理驱动绕过JDBC Attack检测☆143Updated 7 months ago
- 一个简单的批量反编译jar包的小脚本☆45Updated 3 years ago
- 多组件客户端☆74Updated 9 months ago
- 如何将Java反序列化Payload极致缩小☆69Updated 4 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆71Updated 6 months ago
- 一个IDEA插件:一键收集项目中所有jar包依赖的工具插件。遍历项目目录收集所有jar文件,复制到all-in-one文件夹,并自动添加为项目库。☆50Updated 3 months ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27Updated 8 months ago
- A list for Spring Security☆128Updated 2 years ago