Ape1ron/SpringAopInDeserializationDemo1 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Ape1ron/SpringAopInDeserializationDemo1

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Ape1ron/SpringAopInDeserializationDemo1)

Close

Ape1ron / SpringAopInDeserializationDemo1View on GitHubMore

• External links
• Readme badge

在spring-aop中新发现的反序列化gadget-chain

☆52Jan 12, 2025Updated last year

Alternatives and similar repositories for SpringAopInDeserializationDemo1

Users that are interested in SpringAopInDeserializationDemo1 are comparing it to the libraries listed below

• Ape1ron / FastjsonInDeserializationDemo1

  View on GitHub
  高版本Fastjson在Java原生反序列化中的利用演示
  ☆26Jan 12, 2025Updated last year
• KingBridgeSS / jdifferer

  View on GitHub
  ☆65Sep 27, 2023Updated 2 years ago
• fdu-sec / JDD

  View on GitHub
  ☆206Oct 27, 2025Updated 4 months ago
• Y4Sec-Team / no-templates

  View on GitHub
  如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
  ☆53Sep 10, 2023Updated 2 years ago
• luelueking / CVE-2022-25845-In-Spring

  View on GitHub
  CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
  ☆105Nov 7, 2024Updated last year
• yezere / codeql_n1ght

  View on GitHub
  方便自己搭建codeql环境和数据库的工具。
  ☆64Aug 16, 2025Updated 6 months ago
• woodpecker-appstore / jexpr-encoder-utils

  View on GitHub
  Java表达式语句生成器
  ☆194Oct 9, 2023Updated 2 years ago
• Java-Chains / chains-plugin-demo

  View on GitHub
  Java Chains 插件编写 demo
  ☆14Mar 5, 2025Updated 11 months ago
• nex121 / RuoyiGui

  View on GitHub
  ☆26Dec 13, 2024Updated last year
• flowerwind / AutoGenerateXalanPayload

  View on GitHub
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆93Jan 17, 2023Updated 3 years ago
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆243May 8, 2024Updated last year
• datouo / CTF-Java-Gadget

  View on GitHub
  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
  ☆276Dec 13, 2024Updated last year
• wangsz05 / LearnDemo

  View on GitHub
  ☆16Oct 30, 2022Updated 3 years ago
• threedr3am / jar-compatibility-detector

  View on GitHub
  安全升级jar包时，辅助检测Java Archive (JAR) 包之间兼容性，各类符号引用的存在检测，包括方法、方法签名、字段定义和引用、类引用等等
  ☆14Jul 7, 2024Updated last year
• luelueking / Fake_Kafka_Server

  View on GitHub
  ☆79Nov 22, 2024Updated last year
• whocansee / FilelessAgentMemShell

  View on GitHub
  无需文件落地Agent内存马生成器
  ☆249May 30, 2024Updated last year
• B0T1eR / ysoSimple

  View on GitHub
  ysoSimple：简易的Java漏洞利用工具，集成Java反序列化，Hessian反序列化，XStream反序列化，SnakeYaml反序列化，Shiro550，JSF反序列化，SSTI模板注入，JdbcAttackPayload，JNDIAttack，字节码生成。
  ☆105Jan 20, 2026Updated last month
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆437May 22, 2025Updated 9 months ago
• aleenzz / InjectSQLServer

  View on GitHub
  Get sql server connection configuration information
  ☆28Aug 26, 2024Updated last year
• LostZX / vcenter_tool

  View on GitHub
  ☆32Apr 23, 2023Updated 2 years ago
• 4ra1n / code-encryptor

  View on GitHub
  使用JNI加密字节码，通过JVMTI解密字节码以保护代码，支持自定义包名和密钥，使用魔法禁止黑客dump字节码
  ☆181Dec 4, 2024Updated last year
• Whoopsunix / utf-8-overlong-encoding

  View on GitHub
  抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
  ☆140Mar 11, 2024Updated last year
• BeichenDream / CVE-2025-55182-GodzillaMemoryShell

  View on GitHub
  ☆108Dec 10, 2025Updated 2 months ago
• l3yx / Java-RASP-Research-Env

  View on GitHub
  之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
  ☆71Oct 13, 2024Updated last year
• ax1sX / RouteCheck-Alpha

  View on GitHub
  A Java Route Collection Tool
  ☆102Aug 1, 2024Updated last year
• luelueking / jvm-sandbox-rasp

  View on GitHub
  一个基于jvm-sandbox高度定制化rasp
  ☆58Sep 28, 2023Updated 2 years ago
• aaaademo / Confluence-EvilJar

  View on GitHub
  配合 CVE-2023-22515 后台上传jar包实现RCE
  ☆23Nov 9, 2023Updated 2 years ago
• y00ga-sec / Trustify

  View on GitHub
  Attack Active Directory Trusts with a single tool
  ☆14Jan 15, 2025Updated last year
• luelueking / ClazzSearcher

  View on GitHub
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆108Aug 2, 2023Updated 2 years ago
• YYHYlh / Dubbo-Scan

  View on GitHub
  一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
  ☆172Aug 9, 2023Updated 2 years ago
• suizhibo / MemShellKiller

  View on GitHub
  基于Agent技术实现的Java内存马查杀、防护工具。
  ☆94Jul 25, 2024Updated last year
• yzddmr6 / Java-Js-Engine-Payloads

  View on GitHub
  Java Js Engine Payloads All in one
  ☆289Aug 21, 2023Updated 2 years ago
• H4cking2theGate / ysogate

  View on GitHub
  Java反序列化/JNDI注入/恶意类生成工具，支持多种高版本bypass，支持回显/内存马等多种扩展利用。
  ☆148Dec 21, 2025Updated 2 months ago
• Fushuling / TaintScaner

  View on GitHub
  一款基于污点分析的PHP扫描工具，能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径，同时支持单独对函数的扫描。
  ☆167Apr 10, 2025Updated 10 months ago
• 1ucky7 / MySQL_Fake_Server_for_woodpecker_yso

  View on GitHub
  MySQL_Fake_Server-啄木鸟yso适配版
  ☆45Sep 20, 2024Updated last year
• 4ra1n / class-obf

  View on GitHub
  一个 CLASS 文件混淆工具，支持方法字段参数名引用分析和重命名混淆，支持字符串提取/AES加密运行时解密/整型异或混淆/垃圾代码花指令混淆/错误注解崩溃/特殊字符迷惑用户/反编译器对抗/方法和字段的隐藏等，配置简单，容易上手
  ☆307Jan 26, 2026Updated last month
• AugustineFulgur / Agenst

  View on GitHub
  java-agent内存马一键注入服务器维权工具，支持自定义路径、校验和内存马内容。
  ☆126Nov 4, 2025Updated 3 months ago
• silentEAG / RedTeamOps

  View on GitHub
  Use Rust to implement some Red Team techniques :)
  ☆13Nov 11, 2024Updated last year
• cwkiller / ClassLinefix

  View on GitHub
  Java bytecode line number restoration tool
  ☆134Aug 31, 2025Updated 6 months ago