Alternatives and similar repositories for java-xxe-defense-demo:

Users that are interested in java-xxe-defense-demo are comparing it to the libraries listed below

• Ramos-dev / R9000
  ☆58Updated 4 years ago
• Afant1 / RemoteObjectInvocationHandler
  bypass JEP290 RaspHook code
  ☆62Updated 4 years ago
• cowtowncoder / jackson-compat-minor
  Test repository for verifying compatibility between adjacent minor versions
  ☆35Updated 7 months ago
• jas502n / SHIRO-721
  RememberMe Padding Oracle Vulnerability RCE
  ☆71Updated 5 years ago
• shengqi158 / Jackson-databind-RCE-PoC
  ☆80Updated 7 years ago
• Ruil1n / after-deserialization-attack
  Java After-Deserialization Attack
  ☆79Updated 3 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 5 years ago
• iSafeBlue / fastjson-autotype-bypass-demo
  fastjson 1.2.68 版本 autotype bypass
  ☆140Updated 2 years ago
• jas502n / fastjson-1.2.61-RCE
  fastjson-1.2.61-RCE
  ☆33Updated 5 years ago
• threedr3am / FindClassInJars
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Updated 4 years ago
• EvilPulsar / S2-061
  some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute
  ☆69Updated 4 years ago
• codeplutos / MySQL-JDBC-Deserialization-Payload
  MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
  ☆13Updated 4 years ago
• Lonely-night / fastjson_gadgets_scanner
  ☆131Updated 2 years ago
• jas502n / kibana-RCE
  kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
  ☆90Updated 5 years ago
• hex0wn / learn-java-bug
  ☆72Updated 2 years ago
• jas502n / SHIRO-550
  Shiro RememberMe 1.2.4 反序列化 漏洞
  ☆53Updated 5 years ago
• genxor / Deserialize
  ☆69Updated 6 years ago
• langligelang / maobugs
  java 漏洞平台包含各种CVE
  ☆23Updated 2 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆79Updated 5 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆49Updated 3 years ago
• Qclover / jsspider
  A js infomation dig tool.
  ☆69Updated 4 years ago
• b1ngz / spring-boot-actuator-cloud-vul
  Spring Boot Actuator + Spring Cloud Vul Env
  ☆19Updated 5 years ago
• Mochazz / Struts2-Vuln
  关于Struts2框架的历史漏洞个人分析文章
  ☆53Updated 4 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆104Updated 6 years ago
• SecurityCN / Vulnerability-analysis
  ☆62Updated 4 years ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆102Updated 4 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆68Updated 5 years ago
• guimaizi / testing_wave
  ☆58Updated 4 years ago
• kingkaki / Struts2-Vulenv
  struts2 漏洞环境源代码
  ☆75Updated 2 years ago
• tongasdp / tongasdp-test
  TongASDP漏洞测试环境
  ☆34Updated last year