Alternatives and similar repositories for XStream-Gadgets

Users that are interested in XStream-Gadgets are comparing it to the libraries listed below

• PetrusViet / CVE-2021-39115
  Template Injection in Email Templates leads to code execution on Jira Service Management Server
  ☆48Updated 4 years ago
• pwntester / BlockingServer
  Web Server that serves a single file and keeps the connection open until user releases it.
  ☆73Updated 11 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆51Updated 4 years ago
• blipzip / cve-2022-31692
  A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692
  ☆35Updated 3 years ago
• Dor-Tumarkin / CVE-2021-25641-Proof-of-Concept
  Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…
  ☆52Updated 4 years ago
• codewhitesec / ColdFusionPwn
  Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
  ☆95Updated 3 years ago
• SecCoder-Security-Lab / spring-cloud-netflix-hystrix-dashboard-cve-2021-22053
  Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053
  ☆37Updated 2 years ago
• Al1ex / CVE-2020-36179
  CVE-2020-36179~82 Jackson-databind SSRF&RCE
  ☆81Updated 4 years ago
• Jarijaas / helsec-1103
  ☆22Updated 3 years ago
• iSafeBlue / presentation-slides
  ☆33Updated 3 years ago
• m01e-40x / MyJSPWebshell
  My collection of various of JSP Webshell.
  ☆36Updated 3 years ago
• wdahlenburg / spring-gateway-demo
  Sample Spring application to Demonstrate the Gateway Actuator
  ☆48Updated 3 years ago
• snowyyowl / writeups
  ☆73Updated 3 years ago
• Afant1 / RemoteObjectInvocationHandler
  bypass JEP290 RaspHook code
  ☆62Updated 5 years ago
• Pear1y / CVE-2022-0540-RCE
  Atlassian Jira Seraph Authentication Bypass RCE（CVE-2022-0540）
  ☆72Updated 3 years ago
• CHYbeta / URLFilterBypassDemo
  ☆29Updated 4 years ago
• shadowsock5 / ysoserial
  mvn clean package -DskipTests
  ☆46Updated 2 years ago
• samsbp / java-file-ftp
  POC for leaking java version through file and ftp protocols
  ☆24Updated 5 years ago
• jas502n / CVE-2020-26259
  CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process…
  ☆25Updated 4 years ago
• bit4woo / burp-api-common
  common methods that used by my burp extension projects
  ☆52Updated last year
• Ruil1n / after-deserialization-attack
  Java After-Deserialization Attack
  ☆79Updated 4 years ago
• hex0wn / learn-java-bug
  ☆73Updated 3 years ago
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆61Updated 3 years ago
• jespinhara / j-is-the-boss
  ☆23Updated 3 years ago
• Dor-Tumarkin / CVE-2019-17564-FastJson-Gadget
  Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information …
  ☆16Updated 2 years ago
• MagicZer0 / Weblogic_CVE-2020-2883_POC
  Proof of concept for Weblogic CVE-2020-2883
  ☆15Updated 5 years ago
• CHYbeta / Vuln100Topics
  知识星球《漏洞百出》最新 20条 Topic
  ☆113Updated 3 years ago
• dinhbaouit / CVE-2021-26084
  ☆54Updated 4 years ago
• fairyming / CVE-2020-8840
  CVE-2020-8840：FasterXML/jackson-databind 远程代码执行漏洞
  ☆36Updated 5 years ago
• zrquan / burp-weblogic-scanner
  ☆20Updated 3 years ago