FFreestanding/JavaUnserializeChain external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

FFreestanding/JavaUnserializeChain

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/FFreestanding/JavaUnserializeChain)

Close

FFreestanding / JavaUnserializeChainView on GitHubMore

• External links
• Readme badge

自己积累的一些Java反序列化利用链

☆91Feb 27, 2023Updated 3 years ago

Alternatives and similar repositories for JavaUnserializeChain

Users that are interested in JavaUnserializeChain are comparing it to the libraries listed below

• ccc-f / my-encryption-template

  View on GitHub
  个人渗透测试常用加解密算法实现。
  ☆12May 18, 2023Updated 2 years ago
• novysodope / RMI_Inj_MemShell

  View on GitHub
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆254Jul 12, 2023Updated 2 years ago
• yumusb / coremail_export

  View on GitHub
  导出coremail联系人
  ☆18Apr 19, 2023Updated 2 years ago
• reto18052015 / YingJiXiangYing

  View on GitHub
  应急响应
  ☆15Feb 16, 2023Updated 3 years ago
• qi4L / Ysoserial-go

  View on GitHub
  A Go library for generating Java deserialization payloads.
  ☆155Sep 9, 2024Updated last year
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆545Mar 6, 2025Updated 11 months ago
• idiotc4t / sharpwmi

  View on GitHub
  (批量化改造)sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆108Jan 8, 2021Updated 5 years ago
• k4i-x3i0 / jndiExploit-beta

  View on GitHub
  魔改版，实现冰蝎直连内存马，无需修改冰蝎客户端
  ☆76Jan 3, 2024Updated 2 years ago
• HackingCost / AD_Pentest

  View on GitHub
  红队|域渗透重要漏洞汇总(持续更新)
  ☆290Dec 23, 2022Updated 3 years ago
• nOnE-team / YQScan

  View on GitHub
  语雀敏感信息泄露搜索工具
  ☆13Jan 20, 2023Updated 3 years ago
• Ni4n / ShellGenerate

  View on GitHub
  哥斯拉jsp/jspx免杀webshell生成器
  ☆207Apr 28, 2023Updated 2 years ago
• bestspear / SharkOne

  View on GitHub
  Cobalt Strike 二开项目
  ☆185Feb 11, 2023Updated 3 years ago
• NorthShad0w / NetOuter

  View on GitHub
  一键出网探测工具
  ☆73Feb 25, 2023Updated 3 years ago
• reallys / pentest-domain

  View on GitHub
  域控 学习+攻击大纲
  ☆66Dec 18, 2019Updated 6 years ago
• 9bie / Slacker

  View on GitHub
  懒鬼插件/审计过的后的渗透插件/我凭本事打的SESSION凭什么还要我自己动手后渗透？
  ☆245Sep 9, 2025Updated 5 months ago
• qi4L / Unhooker-go

  View on GitHub
  EDR绕过demo
  ☆294Jan 14, 2024Updated 2 years ago
• su18 / hack-fastjson-1.2.80

  View on GitHub
  ☆523Sep 16, 2022Updated 3 years ago
• c0olw / NacosRce

  View on GitHub
  Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用
  ☆848Jul 7, 2023Updated 2 years ago
• Ridter / PySQLTools

  View on GitHub
  Mssql利用工具
  ☆276Aug 7, 2023Updated 2 years ago
• KrystianLi / ExchangeOWA

  View on GitHub
  一款OutLook信息收集工具
  ☆244May 23, 2023Updated 2 years ago
• TryGOTry / edit-gencon

  View on GitHub
  geacon:简单适配了一个profile配置文件,可直接拿来修改使用,用于cs上线linux.
  ☆161Aug 3, 2022Updated 3 years ago
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆437May 22, 2025Updated 9 months ago
• xiaopan233 / GenerateNoHard

  View on GitHub
  本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
  ☆93Feb 25, 2025Updated last year
• safe6Sec / PentestDB

  View on GitHub
  各种数据库的利用姿势
  ☆1,034Jan 3, 2025Updated last year
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆309Aug 6, 2023Updated 2 years ago
• achuna33 / MYJNDIExploit

  View on GitHub
  自己的JNDI 利用工具，添加一些人性化功能
  ☆131Sep 4, 2022Updated 3 years ago
• Ggasdfg321 / SmallProxyPool

  View on GitHub
  一个免费高质量的小代理池，解决一些站点有WAF的情况下，进行目录扫描或者字典爆破
  ☆274Feb 21, 2023Updated 3 years ago
• pap1rman / postnacos

  View on GitHub
  哥斯拉nacos后渗透插件 maketoken adduser
  ☆150Jul 7, 2023Updated 2 years ago
• atsud0 / frp-modify

  View on GitHub
  frp0.38.1 支持域前置、远程加载配置文件、配置文件自删除、流量特征修改
  ☆133Apr 26, 2022Updated 3 years ago
• ce-automne / TomcatMemShell

  View on GitHub
  拿来即用的Tomcat7/8/9/10版本Listener/Filter/Servlet内存马，支持注入CMD内存马和冰蝎内存马
  ☆511Aug 31, 2022Updated 3 years ago
• ybdt / pentest-hub

  View on GitHub
  Penetration Testing
  ☆266Dec 8, 2025Updated 2 months ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,467Apr 25, 2024Updated last year
• crisprss / BypassUserAdd

  View on GitHub
  通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化
  ☆344Apr 10, 2022Updated 3 years ago
• pykiller / API-T00L

  View on GitHub
  互联网厂商API利用工具。
  ☆555Sep 13, 2024Updated last year
• A0WaQ4 / BurpText4ShellScan

  View on GitHub
  Text4Shell的burp被动扫描插件
  ☆36Dec 29, 2022Updated 3 years ago
• yanghaoi / CobaltStrike_CNA

  View on GitHub
  使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。
  ☆556Jan 18, 2022Updated 4 years ago
• SummerSec / AgentInjectTool

  View on GitHub
  改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
  ☆279Nov 28, 2023Updated 2 years ago
• Ciyfly / microwaveo

  View on GitHub
  将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密
  ☆367Sep 8, 2022Updated 3 years ago
• JDArmy / DCSec

  View on GitHub
  域控安全one for all
  ☆736Sep 9, 2024Updated last year