Contrast-Security-OSS/joogle external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Contrast-Security-OSS/joogle

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Contrast-Security-OSS/joogle)

Close

Contrast-Security-OSS / joogleView on GitHubMore

• External links
• Readme badge

A static analysis API for finding deserialization attack gadgets

☆38Nov 7, 2022Updated 3 years ago

Alternatives and similar repositories for joogle

Users that are interested in joogle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• frohoff / inspector-gadget

  View on GitHub
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆110May 12, 2016Updated 9 years ago
• Bort-Millipede / WLT3Serial

  View on GitHub
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆34Mar 2, 2020Updated 6 years ago
• mbechler / serianalyzer

  View on GitHub
  A static byte code analyzer for Java deserialization gadget research
  ☆251Apr 17, 2017Updated 8 years ago
• CodeShield-Security / Serverless-Goat-Java

  View on GitHub
  Java version of the deliberately vulnerable serverless application Serverless-Goat from https://github.com/OWASP/Serverless-Goat
  ☆13Oct 12, 2021Updated 4 years ago
• mogwailabs / deserialization-filter-blacklists

  View on GitHub
  Native Java serialization filter blacklist for common gadgets
  ☆20Sep 12, 2019Updated 6 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• JackOfMostTrades / gadgetinspector

  View on GitHub
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,080Jun 15, 2021Updated 4 years ago
• KTH-LangSec / SerialDetector

  View on GitHub
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆63Jan 29, 2021Updated 5 years ago
• topolik / ois-dos

  View on GitHub
  Java Deserialization
  ☆27Oct 21, 2016Updated 9 years ago
• kantega / notsoserial

  View on GitHub
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆191May 17, 2016Updated 9 years ago
• ceclin / 0ctf-2021-finals-soln-buggy-loader

  View on GitHub
  solution to buggyLoader of 0CTF/TCTF 2021 Finals
  ☆20Sep 27, 2021Updated 4 years ago
• pwntester / SerialKillerBypassGadgetCollection

  View on GitHub
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆387Apr 16, 2022Updated 3 years ago
• GrrrDog / ACEDcup

  View on GitHub
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Apr 14, 2016Updated 9 years ago
• Contrast-Security-OSS / sheepdog

  View on GitHub
  ☆17Oct 8, 2025Updated 6 months ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆612Mar 4, 2021Updated 5 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• NickstaDB / SerializationDumper

  View on GitHub
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,068Jun 21, 2024Updated last year
• GrrrDog / ZeroNights-HackQuest-2016

  View on GitHub
  2 web tasks from ZeroNights HackQuest 2016
  ☆50Mar 24, 2017Updated 9 years ago
• dice-group / LOLA

  View on GitHub
  LOLA: Large and Open Source Multilingual Language Model
  ☆11Jan 22, 2026Updated 2 months ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• Contrast-Security-OSS / contrast-rO0

  View on GitHub
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆87Oct 9, 2017Updated 8 years ago
• mogwaisec / mjet

  View on GitHub
  Mogwai Java Management Extensions (JMX) Exploitation Toolkit
  ☆174Jul 21, 2016Updated 9 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• Contrast-Security-OSS / docs

  View on GitHub
  ☆15Jun 5, 2020Updated 5 years ago
• secure-software-engineering / SPDS-experiments

  View on GitHub
  ☆11Oct 10, 2018Updated 7 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• o2platform / DefCon_RESTing

  View on GitHub
  Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
  ☆53Aug 5, 2013Updated 12 years ago
• contrastsecurity / contrast

  View on GitHub
  CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments
  ☆19Jan 9, 2024Updated 2 years ago
• MrMonk3y / texTrans

  View on GitHub
  Translates LaTex Files with DeepL
  ☆13Sep 23, 2024Updated last year
• NickstaDB / DeserLab

  View on GitHub
  Java deserialization exploitation lab.
  ☆236Mar 1, 2019Updated 7 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆485Dec 9, 2020Updated 5 years ago
• amaurremi / IDE

  View on GitHub
  Interprocedural Distributive Environment algorithm implementation
  ☆16Jul 16, 2015Updated 10 years ago
• pyn3rd / Apache-Tomcat-MongoDB-Remote-Code-Execution

  View on GitHub
  Apache Tomcat + MongoDB Remote Code Execution
  ☆114Jan 15, 2021Updated 5 years ago
• veracode-research / spring-view-manipulation

  View on GitHub
  When MVC magic turns black
  ☆297Sep 4, 2020Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• t0xodile / the-single-packet-shovel

  View on GitHub
  ☆21Sep 12, 2025Updated 6 months ago
• georlav / objectmap

  View on GitHub
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Jul 10, 2019Updated 6 years ago
• pwntester / JVMDeserialization

  View on GitHub
  PoC for Scala and Groovy
  ☆14Apr 4, 2016Updated 10 years ago
• riramar / h2csmuggler-proxy

  View on GitHub
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆36May 14, 2022Updated 3 years ago
• githubsatelliteworkshops / codeql

  View on GitHub
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆210Sep 27, 2024Updated last year
• Ant-FG-Lab / non_RCE

  View on GitHub
  ☆41Mar 10, 2021Updated 5 years ago
• LeadroyaL / java-xxe-defense-demo

  View on GitHub
  java xxe defense demo
  ☆49Jul 18, 2019Updated 6 years ago