LeadroyaL / fastjson-blacklistLinks
☆814Updated 3 years ago
Alternatives and similar repositories for fastjson-blacklist
Users that are interested in fastjson-blacklist are comparing it to the libraries listed below
Sorting:
- java source code static code analysis and danger function identify prog☆535Updated 6 years ago
- java内存对象搜索辅助工具☆814Updated 2 years ago
- Weblogic环境搭建工具☆797Updated 5 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,354Updated 2 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆451Updated 3 years ago
- a webshell resides in the memory of java web server☆682Updated 7 years ago
- A helpful Java Deserialization exploit framework.☆1,227Updated 6 months ago
- Getting started with java code auditing 代码审计入门的小项目☆921Updated 2 years ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆693Updated last year
- burp插件开发指南☆619Updated 4 years ago
- Java漏洞学习笔记 Deserialization Vulnerability☆937Updated 2 years ago
- 源代码漏洞の审计☆824Updated last year
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,334Updated 3 years ago
- IAST 灰盒扫描工具☆447Updated 3 years ago
- Java RCE 回显测试代码☆1,015Updated 4 years ago
- 从wooyun中提取的payload,以及burp插件☆840Updated 3 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Updated 3 years ago
- 越权检测工具☆743Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆969Updated 3 years ago
- Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>☆263Updated 3 years ago
- Static code auditing system☆466Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆740Updated 4 years ago
- 搜集了市面上绝大部分weblogic解密方式,整理了7种解密weblogic的方法及响应工具。☆829Updated last year
- Web Security Technology & Vulnerability Analysis Whitepapers☆546Updated 6 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆665Updated 4 years ago
- Apache Shiro 反序列化漏洞检测与利用工具☆560Updated 5 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,396Updated 3 years ago
- 一个用于前端加密Fuzz的Burp Suite插件☆1,049Updated 5 years ago
- 无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。☆385Updated last month
- java代码审计学习笔记☆662Updated 5 years ago