Contrast-Security-OSS/joogle external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Contrast-Security-OSS/joogle

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Contrast-Security-OSS/joogle)

Close

Contrast-Security-OSS / joogleView on GitHubMore

• External links
• Readme badge

A static analysis API for finding deserialization attack gadgets

☆39Nov 7, 2022Updated 3 years ago

Alternatives and similar repositories for joogle

Users that are interested in joogle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• frohoff / inspector-gadget

  View on GitHub
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆108May 12, 2016Updated 9 years ago
• wsargent / paranoid-java-serialization

  View on GitHub
  Adds a guard to disable ObjectInputStream.readObject
  ☆11Dec 6, 2015Updated 10 years ago
• Bort-Millipede / WLT3Serial

  View on GitHub
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆34Mar 2, 2020Updated 6 years ago
• mbechler / serianalyzer

  View on GitHub
  A static byte code analyzer for Java deserialization gadget research
  ☆252Apr 17, 2017Updated 9 years ago
• CodeShield-Security / Serverless-Goat-Java

  View on GitHub
  Java version of the deliberately vulnerable serverless application Serverless-Goat from https://github.com/OWASP/Serverless-Goat
  ☆13Oct 12, 2021Updated 4 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• JackOfMostTrades / gadgetinspector

  View on GitHub
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,081Jun 15, 2021Updated 4 years ago
• KTH-LangSec / SerialDetector

  View on GitHub
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆63Jan 29, 2021Updated 5 years ago
• topolik / ois-dos

  View on GitHub
  Java Deserialization
  ☆27Oct 21, 2016Updated 9 years ago
• kantega / notsoserial

  View on GitHub
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆191May 17, 2016Updated 9 years ago
• codingchili / chili-core

  View on GitHub
  Reactive framework for creating transport & storage-transparent microservices with Vert.x
  ☆14Apr 18, 2026Updated last week
• pwntester / SerialKillerBypassGadgetCollection

  View on GitHub
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆387Apr 16, 2022Updated 4 years ago
• GrrrDog / ACEDcup

  View on GitHub
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Apr 14, 2016Updated 10 years ago
• Contrast-Security-OSS / sheepdog

  View on GitHub
  ☆17Apr 16, 2026Updated 2 weeks ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆613Mar 4, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• NickstaDB / SerializationDumper

  View on GitHub
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,069Jun 21, 2024Updated last year
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• mbechler / serjs

  View on GitHub
  A Java serializer in JavaScript
  ☆81May 21, 2018Updated 7 years ago
• Contrast-Security-OSS / contrast-rO0

  View on GitHub
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆88Oct 9, 2017Updated 8 years ago
• mogwaisec / mjet

  View on GitHub
  Mogwai Java Management Extensions (JMX) Exploitation Toolkit
  ☆175Jul 21, 2016Updated 9 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• CycloneDX / sbom-comparator

  View on GitHub
  Lockheed Martin developed utility to compare two CycloneDX SBOMs
  ☆19Oct 21, 2021Updated 4 years ago
• Contrast-Security-OSS / docs

  View on GitHub
  ☆15Jun 5, 2020Updated 5 years ago
• secure-software-engineering / SPDS-experiments

  View on GitHub
  ☆11Oct 10, 2018Updated 7 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• o2platform / DefCon_RESTing

  View on GitHub
  Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
  ☆53Aug 5, 2013Updated 12 years ago
• contrastsecurity / contrast

  View on GitHub
  CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments
  ☆19Apr 23, 2026Updated last week
• MrMonk3y / texTrans

  View on GitHub
  Translates LaTex Files with DeepL
  ☆13Sep 23, 2024Updated last year
• NickstaDB / DeserLab

  View on GitHub
  Java deserialization exploitation lab.
  ☆237Mar 1, 2019Updated 7 years ago
• welk1n / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆485Dec 9, 2020Updated 5 years ago
• amaurremi / IDE

  View on GitHub
  Interprocedural Distributive Environment algorithm implementation
  ☆16Jul 16, 2015Updated 10 years ago
• pyn3rd / Apache-Tomcat-MongoDB-Remote-Code-Execution

  View on GitHub
  Apache Tomcat + MongoDB Remote Code Execution
  ☆114Jan 15, 2021Updated 5 years ago
• Contrast-Security-OSS / contrastscan-action

  View on GitHub
  Contrast Scan GitHub action
  ☆20Apr 16, 2026Updated 2 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• veracode-research / spring-view-manipulation

  View on GitHub
  When MVC magic turns black
  ☆297Sep 4, 2020Updated 5 years ago
• t0xodile / the-single-packet-shovel

  View on GitHub
  ☆21Sep 12, 2025Updated 7 months ago
• codingchili / enigmatic-mouse

  View on GitHub
  The enigmatic mouse will keep your passwords safe - password manager on Android in Kotlin.
  ☆19Mar 30, 2022Updated 4 years ago
• georlav / objectmap

  View on GitHub
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Jul 10, 2019Updated 6 years ago
• pwntester / JVMDeserialization

  View on GitHub
  PoC for Scala and Groovy
  ☆14Apr 4, 2016Updated 10 years ago
• riramar / h2csmuggler-proxy

  View on GitHub
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆36May 14, 2022Updated 3 years ago
• githubsatelliteworkshops / codeql

  View on GitHub
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆211Sep 27, 2024Updated last year