Contrast-Security-OSS / contrast-rO0
A tiny Java agent that blocks attacks against unsafe deserialization
☆83Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for contrast-rO0
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆185Updated 8 years ago
- Identify vulnerable libraries in Maven dependencies☆45Updated last year
- A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.☆40Updated 4 years ago
- Java Deserialization☆26Updated 8 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆104Updated 8 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 6 months ago
- OWASP Security Logging library for Java☆115Updated 11 months ago
- Custom security ruleset for the popular Java static analysis tool PMD.☆61Updated 9 years ago
- Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.☆144Updated 7 years ago
- Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.☆27Updated 6 years ago
- Evaluation Framework for Dependency Analysis (EFDA)☆42Updated 2 years ago
- ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…☆340Updated last year
- Repository to showcase various configuration recipes with various technologies☆35Updated last year
- Maven plugin for integrating with HCL AppScan Source☆9Updated last year
- Hdiv CE | Application Self-Protection☆214Updated this week
- Serial Whitelist Application Trainer☆29Updated 5 years ago
- A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications☆72Updated 10 years ago
- CVE database store☆129Updated 4 years ago
- Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…☆201Updated 8 years ago
- ☆133Updated 9 years ago
- An API for consuming all the memory of Java apps using deserialization☆28Updated 8 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆121Updated 6 years ago
- Automate security tests using Burp Suite.☆223Updated 5 months ago
- ☆492Updated 8 years ago
- Demo Application and Exploit☆35Updated 7 years ago
- Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.☆159Updated 2 years ago
- ☆128Updated 8 years ago
- Java web and command line applications demonstrating various security topics☆235Updated this week
- A static byte code analyzer for Java deserialization gadget research☆241Updated 7 years ago