Whoopsunix/fastjson_study external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Whoopsunix/fastjson_study

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Whoopsunix/fastjson_study)

Close

Whoopsunix / fastjson_studyView on GitHubMore

• External links
• Readme badge

Abandoned - fastjson 1.2.24-1.2.80 poc & vulns env & how to check vul

☆96Oct 30, 2023Updated 2 years ago

Alternatives and similar repositories for fastjson_study

Users that are interested in fastjson_study are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ssssdl / fastjsonChecker

  View on GitHub
  burp手工检测fastjson辅助
  ☆87Mar 4, 2024Updated 2 years ago
• Whoopsunix / PPPVULNS

  View on GitHub
  Java CVE Vulnerability Environment
  ☆43Jun 11, 2024Updated last year
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆548Mar 6, 2025Updated last year
• threedr3am / jar-compatibility-detector

  View on GitHub
  安全升级jar包时，辅助检测Java Archive (JAR) 包之间兼容性，各类符号引用的存在检测，包括方法、方法签名、字段定义和引用、类引用等等
  ☆14Jul 7, 2024Updated last year
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆462Jan 12, 2025Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• 1ucky7 / jmg-for-Godzilla

  View on GitHub
  Godzilla插件|内存马|Suo5内存代理｜jmg for Godzilla
  ☆243Jun 6, 2024Updated last year
• bmth666 / Yongyou-Unserialize-plus

  View on GitHub
  用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc
  ☆125Oct 12, 2024Updated last year
• qi4L / Ysoserial-go

  View on GitHub
  A Go library for generating Java deserialization payloads.
  ☆155Sep 9, 2024Updated last year
• lemono0 / FastJsonParty

  View on GitHub
  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
  ☆1,195Jul 12, 2024Updated last year
• Hutt0n0 / ActiveMqRCE

  View on GitHub
  用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
  ☆288Nov 20, 2023Updated 2 years ago
• 1ucky7 / MySQL_Fake_Server_for_woodpecker_yso

  View on GitHub
  MySQL_Fake_Server-啄木鸟yso适配版
  ☆45Sep 20, 2024Updated last year
• Lotus6 / JavaGadgetGenerator

  View on GitHub
  JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
  ☆560Apr 3, 2026Updated last week
• altEr1125 / ShiroAttack2

  View on GitHub
  一款针对Shiro550漏洞进行快速漏洞利用工具。 对 @SummerSec 大佬的项目https://github.com/SummerSec/ShiroAttack2 进行了一些改进。
  ☆250May 29, 2023Updated 2 years ago
• Hypdncy / JNDIBypassExploit

  View on GitHub
  JndiBypass漏洞利用，可动态生成类，防止类注入冲突
  ☆28Aug 16, 2023Updated 2 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• novysodope / javaeasyscan

  View on GitHub
  javaeasyscanner - 富婆系列，代码审计辅助工具，致力于解放大脑，方便双手
  ☆278Jun 18, 2024Updated last year
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆508May 20, 2022Updated 3 years ago
• Hel10-Web / Databasetools

  View on GitHub
  一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
  ☆863Aug 30, 2023Updated 2 years ago
• ImuSpirit / ActiveMQ_RCE_Pro_Max

  View on GitHub
  CVE-2023-46604
  ☆63Nov 3, 2023Updated 2 years ago
• wafinfo / MeterSphere-plugin-Backdoor

  View on GitHub
  支持注入内存马和Bypass WAF
  ☆29Dec 12, 2023Updated 2 years ago
• su18 / hack-fastjson-1.2.80

  View on GitHub
  ☆525Sep 16, 2022Updated 3 years ago
• Mayter / mssql-command-tool

  View on GitHub
  xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作，上传，job等相应操作。
  ☆196Nov 25, 2023Updated 2 years ago
• TonyNPham / GodzillaPlugin-Suo5-MemProxy

  View on GitHub
  一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
  ☆288Aug 8, 2023Updated 2 years ago
• Whoopsunix / PPPYSO

  View on GitHub
  proof-of-concept for generating Java deserialization payload | Proxy MemShell
  ☆225Jun 8, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• kezibei / fastjson_payload

  View on GitHub
  ☆244Feb 28, 2026Updated last month
• pykiller / API-T00L

  View on GitHub
  互联网厂商API利用工具。
  ☆569Sep 13, 2024Updated last year
• Bl0omZ / JNDIEXP

  View on GitHub
  JNDI在java高版本的利用工具,FUZZ利用链
  ☆599Oct 8, 2022Updated 3 years ago
• Lonely-night / fastjsonVul

  View on GitHub
  fastjson 80 远程代码执行漏洞复现
  ☆199Sep 7, 2022Updated 3 years ago
• byname66 / SerializeJava

  View on GitHub
  用Go+Fyne开发的，展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。
  ☆125Jan 14, 2025Updated last year
• safe6Sec / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆1,837Oct 20, 2023Updated 2 years ago
• cckuailong / JNDI-Injection-Exploit-Plus

  View on GitHub
  80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…
  ☆873Jun 24, 2024Updated last year
• K-7H7l / Jeecg_Tools

  View on GitHub
  本工具为jeecg框架漏洞利用工具非jeecg-boot！
  ☆183Aug 13, 2024Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,177Aug 21, 2025Updated 7 months ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• Zh0um1 / CVE-2022-22947

  View on GitHub
  CVE-2022-22947注入哥斯拉内存马
  ☆28Jun 21, 2023Updated 2 years ago
• Avienma / DumpHash

  View on GitHub
  一款dump hash工具配合后渗透的利用
  ☆276Apr 21, 2023Updated 2 years ago
• TD0U / WeaverScan

  View on GitHub
  泛微oa漏洞利用工具
  ☆256Jan 4, 2023Updated 3 years ago
• 0x00007c00 / JundeadShell

  View on GitHub
  Java内存马注入工具
  ☆253Apr 8, 2023Updated 3 years ago
• novysodope / RMI_Inj_MemShell

  View on GitHub
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆254Jul 12, 2023Updated 2 years ago
• Ridter / PySQLTools

  View on GitHub
  Mssql利用工具
  ☆278Aug 7, 2023Updated 2 years ago
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆310Aug 6, 2023Updated 2 years ago