Alternatives and similar repositories for java_xxe_2019

Users that are interested in java_xxe_2019 are comparing it to the libraries listed below

• bit4woo / Java_deserialize_vuln_lab
  Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
  ☆87Updated 7 years ago
• codeplutos / Conference
  ☆28Updated 6 years ago
• jas502n / kibana-RCE
  kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
  ☆89Updated 6 years ago
• boy-hack / bugbounty-cheatsheet
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆24Updated 6 years ago
• fnmsd / ChunkedHTTPAdapter
  参考《利用分块传输吊打所有WAF》修改的requests的Adapter
  ☆98Updated 7 years ago
• QAX-A-Team / Papers
  Papers
  ☆34Updated 6 years ago
• kevien / javacode
  some java code i met or i used
  ☆29Updated 6 years ago
• shadow-horse / CVE-2019-17571
  Apache Log4j 1.2.X存在反序列化远程代码执行漏洞
  ☆78Updated 6 years ago
• SeriousAlpha / py-security-audit-tool
  python security audit tool，用于python源码的代码审计，支持命令注入，sql注入
  ☆63Updated 10 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆81Updated 6 years ago
• pyn3rd / CVE-2018-3252
  CVE-2018-3252-PoC
  ☆74Updated 7 years ago
• QiAnXinCodeSafe / Legendsec
  奇安信报开源软件漏洞cve所用目录。每个人报漏洞请建立自己的目录。
  ☆46Updated 6 years ago
• xfkxfk / pyvulhunter
  python audit tool 审计 注入 inject
  ☆34Updated 9 years ago
• jiangsir404 / pbscan
  基于burpsuite headless 的代理式被动扫描系统
  ☆96Updated 5 years ago
• Lonely-night / fastjson_gadgets_scanner
  ☆131Updated 3 years ago
• SecurityCN / Vulnerability-analysis
  ☆62Updated 5 years ago
• shellsec / Knowledge-Base
  Knowledge Base 慢雾安全团队知识库
  ☆29Updated 6 years ago
• bit4woo / ReSign
  A burp extender that recalculate signature value automatically after you modified request parameter value.
  ☆60Updated 3 years ago
• verctor / nexus_rce_CVE-2019-7238
  Some debug notes and exploit(not blind)
  ☆39Updated 6 years ago
• qianl0ng / CVE-2018-2893
  可以直接反弹shell
  ☆47Updated 2 years ago
• earayu / fastjson_jndi_poc
  fastjson远程命令执行漏洞，jndi方式
  ☆40Updated 8 years ago
• neargle / tips-note
  做过的实验，踩过的坑
  ☆40Updated 7 years ago
• ab1gale / phpcms-2008-CVE-2018-19127
  ☆41Updated 7 years ago
• l3m0n / vtest
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆23Updated 6 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆103Updated 7 years ago
• jas502n / jackson-CVE-2020-8840
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆73Updated 5 years ago
• mtxiaowangzi / Java-EE-VulnWeb
  用于演示Java Web项目中，漏洞的成因及修复方案，可用于黑盒测试和白盒测试，部分修复方案可用于生产环境。
  ☆43Updated 7 years ago
• 7dog7 / flash-hijack
  flash 劫持轮子，CSRF，劫持，跳转，swf 有需求可以提issues ，src挖掘,劫持response
  ☆86Updated 6 years ago
• shengqi158 / Jackson-databind-RCE-PoC
  ☆83Updated 8 years ago
• CAT-Team-mmc / lysec
  一个基于docker的安全培训系统
  ☆60Updated 4 years ago