Alternatives and similar repositories for Java-Deserialization-Cheat-Sheet:

Users that are interested in Java-Deserialization-Cheat-Sheet are comparing it to the libraries listed below

• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆7,965Updated 10 months ago
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,868Updated 10 months ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,385Updated 4 months ago
• joaomatosf / jexboss
  JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
  ☆2,440Updated 5 years ago
• mbechler / marshalsec
  ☆3,448Updated last month
• tarunkant / Gopherus
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆2,963Updated last year
• pwntester / ysoserial.net
  Deserialization payload generator for a variety of .NET formatters
  ☆3,329Updated last month
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆3,084Updated 8 months ago
• qazbnm456 / awesome-cve-poc
  ✍️ A curated list of CVE PoCs.
  ☆3,370Updated 3 years ago
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,742Updated 3 years ago
• enjoiz / XXEinjector
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,592Updated 2 months ago
• ambionics / phpggc
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,362Updated 2 months ago
• sensepost / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆3,049Updated 4 years ago
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,014Updated 3 years ago
• federicodotta / Java-Deserialization-Scanner
  All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
  ☆780Updated 3 years ago
• summitt / Nope-Proxy
  TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
  ☆1,587Updated 8 months ago
• AonCyberLabs / Windows-Exploit-Suggester
  This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…
  ☆4,029Updated last year
• NickstaDB / SerializationDumper
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,010Updated 8 months ago
• kost / dvcs-ripper
  Rip web accessible (distributed) version control systems: SVN/GIT/HG...
  ☆1,719Updated 7 months ago
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆3,078Updated last week
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆4,732Updated last week
• abatchy17 / WindowsExploits
  Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
  ☆1,845Updated 4 years ago
• d3vilbug / HackBar
  HackBar plugin for Burpsuite
  ☆1,565Updated 3 years ago
• orangetw / My-CTF-Web-Challenges
  Collection of CTF Web challenges I made
  ☆2,710Updated last year
• NickstaDB / BaRMIe
  Java RMI enumeration and attack tool.
  ☆728Updated 7 years ago
• InteliSecureLabs / Linux_Exploit_Suggester
  Linux Exploit Suggester; based on operating system release number
  ☆1,779Updated 10 years ago
• worawit / MS17-010
  MS17-010
  ☆2,169Updated last year
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,799Updated last year
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,067Updated 2 months ago
• quentinhardy / odat
  ODAT: Oracle Database Attacking Tool
  ☆1,643Updated 6 months ago