Contrast-Security-OSS / contrast-rO0
A tiny Java agent that blocks attacks against unsafe deserialization
☆83Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for contrast-rO0
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆185Updated 8 years ago
- A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.☆40Updated 4 years ago
- Identify vulnerable libraries in Maven dependencies☆45Updated last year
- Externalize Java application access to protected resources as log messages.☆41Updated 5 months ago
- Evaluation Framework for Dependency Analysis (EFDA)☆42Updated 2 years ago
- Custom security ruleset for the popular Java static analysis tool PMD.☆61Updated 8 years ago
- Java Deserialization☆26Updated 8 years ago
- Hdiv CE | Application Self-Protection☆214Updated last week
- CVE database store☆129Updated 4 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆104Updated 8 years ago
- OWASP Security Logging library for Java☆115Updated 11 months ago
- Serial Whitelist Application Trainer☆29Updated 5 years ago
- Maven plugin for integrating with HCL AppScan Source☆9Updated last year
- Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.☆144Updated 7 years ago
- Look-Ahead Java Deserialization Library☆405Updated 4 years ago
- Repository to showcase various configuration recipes with various technologies☆35Updated last year
- ☆15Updated 4 years ago
- A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications☆72Updated 10 years ago
- An API for consuming all the memory of Java apps using deserialization☆28Updated 8 years ago
- ☆133Updated 9 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆121Updated 6 years ago
- ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…☆340Updated last year
- coverage guided fuzz testing for java☆228Updated 3 years ago
- Non-interactive Java debugger with Groovy☆79Updated 6 months ago
- Tool for introspection of SSL\TLS sessions☆138Updated 3 months ago
- JMSDigger is JMS API basedEnterprise Messaging Application assessment tool☆31Updated 10 years ago
- ☆14Updated 5 years ago
- Demo Application and Exploit☆35Updated 7 years ago
- Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…☆201Updated 8 years ago