SummerSec/JavaLearnVulnerability

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SummerSec/JavaLearnVulnerability)

SummerSec / JavaLearnVulnerability

Java漏洞学习笔记 Deserialization Vulnerability

☆943

Alternatives and similar repositories for JavaLearnVulnerability

Users that are interested in JavaLearnVulnerability are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Maskhe / javasec
View on GitHub
自己学习java安全的一些总结，主要是安全审计相关
☆1,700Jan 5, 2022Updated 4 years ago
phith0n / JavaThings
View on GitHub
Share Things Related to Java - Java安全漫谈笔记相关内容
☆2,005Apr 9, 2025Updated last year
threedr3am / learnjavabug
View on GitHub
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
☆2,696Mar 14, 2024Updated 2 years ago
cn-panda / JavaCodeAudit
View on GitHub
Getting started with java code auditing 代码审计入门的小项目
☆930Feb 22, 2023Updated 3 years ago
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,015Oct 15, 2020Updated 5 years ago
Bare Metal GPUs on DigitalOcean Gradient AI • Ad
Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
HackJava / HackJava
View on GitHub
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
☆2,881Aug 4, 2023Updated 2 years ago
LandGrey / spring-boot-upload-file-lead-to-rce-tricks
View on GitHub
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
☆754Apr 14, 2021Updated 5 years ago
Firebasky / Java
View on GitHub
关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
☆792Jul 11, 2023Updated 2 years ago
bitterzzZZ / MemoryShellLearn
View on GitHub
分享几个直接可用的内存马，记录一下学习过程中看过的文章
☆982Mar 23, 2022Updated 4 years ago
safe6Sec / Fastjson
View on GitHub
Fastjson姿势技巧集合
☆1,839Oct 20, 2023Updated 2 years ago
SummerSec / learning-codeql
View on GitHub
CodeQL Java 全网最全的中文学习资料
☆800Mar 18, 2022Updated 4 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,017May 21, 2024Updated last year
JoyChou93 / java-sec-code
View on GitHub
Java web common vulnerabilities and security code which is base on springboot and spring security
☆2,662Dec 2, 2024Updated last year
wh1t3p1g / ysomap
View on GitHub
A helpful Java Deserialization exploit framework.
☆1,241Feb 17, 2025Updated last year
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
fnmsd / MySQL_Fake_Server
View on GitHub
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
☆1,367Nov 18, 2021Updated 4 years ago
j3ers3 / Hello-Java-Sec
View on GitHub
☕️ Java Security，安全编码和代码审计
☆1,749Mar 7, 2025Updated last year
proudwind / javasec_study
View on GitHub
java代码审计学习笔记
☆686Feb 24, 2020Updated 6 years ago
Y4tacker / JavaSec
View on GitHub
a rep for documenting my study, may be from 0 to 0.1
☆2,265Mar 25, 2026Updated last month
c0ny1 / java-object-searcher
View on GitHub
java内存对象搜索辅助工具
☆823Sep 23, 2022Updated 3 years ago
achuna33 / Memoryshell-JavaALL
View on GitHub
收集内存马打入方式
☆507May 20, 2022Updated 3 years ago
Y4er / WebLogic-Shiro-shell
View on GitHub
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
☆534Aug 25, 2020Updated 5 years ago
7hang / --Java
View on GitHub
代码审计知识点整理-Java
☆530Jun 15, 2020Updated 5 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
c0ny1 / FastjsonExploit
View on GitHub
Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
☆1,393Dec 16, 2022Updated 3 years ago
pen4uin / java-memshell-generator
View on GitHub
一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
☆2,188Aug 21, 2025Updated 8 months ago
chriskaliX / AD-Pentest-Notes
View on GitHub
用于记录内网渗透(域渗透)学习 :-)
☆1,242Nov 9, 2020Updated 5 years ago
threedr3am / ZhouYu
View on GitHub
（周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
☆615Dec 29, 2021Updated 4 years ago
LandGrey / SpringBootVulExploit
View on GitHub
SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list
☆6,133Mar 10, 2021Updated 5 years ago
safe6Sec / CodeqlNote
View on GitHub
Codeql学习笔记
☆902Apr 25, 2022Updated 4 years ago
tabby-sec / tabby
View on GitHub
A CAT called tabby ( Code Analysis Tool )
☆1,646Jan 17, 2026Updated 3 months ago
SummerSec / ShiroAttack2
View on GitHub
shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
☆2,480Apr 12, 2026Updated 2 weeks ago
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,035Jan 3, 2025Updated last year
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
veo / wsMemShell
View on GitHub
WebSocket 内存马/Webshell，一种新型内存马/WebShell技术
☆1,494Apr 10, 2023Updated 3 years ago
woodpecker-framework / ysoserial-for-woodpecker
View on GitHub
给woodpecker框架量身定制的ysoserial
☆617Oct 26, 2022Updated 3 years ago
kyo-w / router-router
View on GitHub
Java web路由内存分析工具
☆439May 22, 2025Updated 11 months ago
neargle / re0-kubernetes-sec-archive
View on GitHub
[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐
☆3,160Nov 6, 2025Updated 5 months ago
su18 / MemoryShell
View on GitHub
JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
☆657Jun 25, 2021Updated 4 years ago
JDArmy / DCSec
View on GitHub
域控安全one for all
☆739Sep 9, 2024Updated last year
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,244Oct 1, 2022Updated 3 years ago