Contrast-Security-OSS/joogle external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Contrast-Security-OSS/joogle

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Contrast-Security-OSS/joogle)

Close

Contrast-Security-OSS / joogleView on GitHubMore

• External links
• Readme badge

A static analysis API for finding deserialization attack gadgets

☆39Nov 7, 2022Updated 3 years ago

Alternatives and similar repositories for joogle

Users that are interested in joogle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• frohoff / inspector-gadget

  View on GitHub
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆108May 12, 2016Updated 10 years ago
• wsargent / paranoid-java-serialization

  View on GitHub
  Adds a guard to disable ObjectInputStream.readObject
  ☆11Dec 6, 2015Updated 10 years ago
• Bort-Millipede / WLT3Serial

  View on GitHub
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆34Mar 2, 2020Updated 6 years ago
• mbechler / serianalyzer

  View on GitHub
  A static byte code analyzer for Java deserialization gadget research
  ☆253Apr 17, 2017Updated 9 years ago
• CodeShield-Security / Serverless-Goat-Java

  View on GitHub
  Java version of the deliberately vulnerable serverless application Serverless-Goat from https://github.com/OWASP/Serverless-Goat
  ☆13Oct 12, 2021Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• mogwailabs / deserialization-filter-blacklists

  View on GitHub
  Native Java serialization filter blacklist for common gadgets
  ☆20Sep 12, 2019Updated 6 years ago
• JackOfMostTrades / gadgetinspector

  View on GitHub
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,083Jun 15, 2021Updated 4 years ago
• KTH-LangSec / SerialDetector

  View on GitHub
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆63Jan 29, 2021Updated 5 years ago
• topolik / ois-dos

  View on GitHub
  Java Deserialization
  ☆27Oct 21, 2016Updated 9 years ago
• kantega / notsoserial

  View on GitHub
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆192May 17, 2016Updated 10 years ago
• ceclin / 0ctf-2021-finals-soln-buggy-loader

  View on GitHub
  solution to buggyLoader of 0CTF/TCTF 2021 Finals
  ☆20Sep 27, 2021Updated 4 years ago
• pwntester / SerialKillerBypassGadgetCollection

  View on GitHub
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆389Apr 16, 2022Updated 4 years ago
• GrrrDog / ACEDcup

  View on GitHub
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Apr 14, 2016Updated 10 years ago
• Contrast-Security-OSS / sheepdog

  View on GitHub
  ☆17May 4, 2026Updated last month
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆616Mar 4, 2021Updated 5 years ago
• NickstaDB / SerializationDumper

  View on GitHub
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,073Jun 21, 2024Updated last year
• GrrrDog / ZeroNights-HackQuest-2016

  View on GitHub
  2 web tasks from ZeroNights HackQuest 2016
  ☆50Mar 24, 2017Updated 9 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• mbechler / serjs

  View on GitHub
  A Java serializer in JavaScript
  ☆81May 21, 2018Updated 8 years ago
• Contrast-Security-OSS / contrast-rO0

  View on GitHub
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆88Oct 9, 2017Updated 8 years ago
• mogwaisec / mjet

  View on GitHub
  Mogwai Java Management Extensions (JMX) Exploitation Toolkit
  ☆175Jul 21, 2016Updated 9 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• CycloneDX / sbom-comparator

  View on GitHub
  Lockheed Martin developed utility to compare two CycloneDX SBOMs
  ☆19Oct 21, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Contrast-Security-OSS / docs

  View on GitHub
  ☆15Jun 5, 2020Updated 6 years ago
• secure-software-engineering / SPDS-experiments

  View on GitHub
  ☆11Oct 10, 2018Updated 7 years ago
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• o2platform / DefCon_RESTing

  View on GitHub
  Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
  ☆53Aug 5, 2013Updated 12 years ago
• NickstaDB / DeserLab

  View on GitHub
  Java deserialization exploitation lab.
  ☆237Mar 1, 2019Updated 7 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆483Dec 9, 2020Updated 5 years ago
• amaurremi / IDE

  View on GitHub
  Interprocedural Distributive Environment algorithm implementation
  ☆16Jul 16, 2015Updated 10 years ago
• pyn3rd / Apache-Tomcat-MongoDB-Remote-Code-Execution

  View on GitHub
  Apache Tomcat + MongoDB Remote Code Execution
  ☆114Jan 15, 2021Updated 5 years ago
• Contrast-Security-OSS / contrastscan-action

  View on GitHub
  Contrast Scan GitHub action
  ☆20May 4, 2026Updated last month
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• veracode-research / spring-view-manipulation

  View on GitHub
  When MVC magic turns black
  ☆296Sep 4, 2020Updated 5 years ago
• t0xodile / the-single-packet-shovel

  View on GitHub
  ☆21Sep 12, 2025Updated 8 months ago
• georlav / objectmap

  View on GitHub
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Jul 10, 2019Updated 6 years ago
• osresearch / flashtools

  View on GitHub
  Simplified version of flashrom for installing new system firmware
  ☆23Mar 10, 2023Updated 3 years ago
• pwntester / JVMDeserialization

  View on GitHub
  PoC for Scala and Groovy
  ☆14Apr 4, 2016Updated 10 years ago
• riramar / h2csmuggler-proxy

  View on GitHub
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆36May 14, 2022Updated 4 years ago
• githubsatelliteworkshops / codeql

  View on GitHub
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆211Sep 27, 2024Updated last year