cn-panda / logbackRceDemo

Related projects: ⓘ

• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆77Updated last month
• cckuailong / spring-cloud-function-SpEL-RCE
  spring-cloud-function SpEL RCE, Vultarget & Poc
  ☆133Updated 2 years ago
• dschadow / JavaSecurity
  Java web and command line applications demonstrating various security topics
  ☆235Updated 2 weeks ago
• cldrn / codeql-queries
  My CodeQL queries collection
  ☆93Updated last year
• SpindleSec / cve-2022-31692
  A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692
  ☆36Updated last year
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆48Updated 3 years ago
• mogwailabs / rmi-deserialization
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆99Updated 5 years ago
• chaitin / log4j2-vaccine
  log4j2-vaccine
  ☆85Updated 2 years ago
• dschadow / Java-Web-Security
  Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
  ☆215Updated last week
• shadowsock5 / jackson-databind-POC
  ☆14Updated 4 years ago
• frohoff / marshalsec
  ☆70Updated 7 years ago
• blindpirate / spring-rce-2022-03-hotfix
  ☆15Updated 2 years ago
• zbazztian / codeql-debug
  ☆69Updated 2 years ago
• l3yx / javaDeserializeNotes
  Java反序列化漏洞学习笔记
  ☆16Updated 4 years ago
• threedr3am / FindClassInJars
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Updated 4 years ago
• TonyD0g / JSPHunter
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆43Updated 4 months ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆37Updated last year
• ASTTeam / DAST
  《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.
  ☆45Updated last year
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆77Updated 2 years ago
• threedr3am / log-agent
  利用agent hock指定的class，在jar运行周期内，用于跟踪被执行的方法，辅助做一些事情，比如挖洞啊
  ☆126Updated 4 years ago
• mpgn / CVE-2019-3799
  CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6
  ☆31Updated 5 years ago
• angelwhu / jvm-rasp
  基于JVM-Sandbox实现RASP安全监控防护
  ☆50Updated last year
• j3ssie / codeql-docker
  Ready to use docker image for CodeQL
  ☆88Updated 8 months ago
• XuCcc / VulEnv
  Debug CVEs!
  ☆31Updated last year
• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆121Updated 2 years ago
• iSafeBlue / redis-rce
  Redis RCE 的几种方法
  ☆90Updated 3 months ago
• ianxtianxt / CVE-2015-7501
  （CVE-2015-7501）JBoss JMXInvokerServlet 反序列化漏洞
  ☆20Updated 4 years ago
• momosecurity / mosec-maven-plugin
  用于检测maven项目的第三方依赖组件是否存在安全漏洞。
  ☆99Updated 2 years ago
• javaweb-sec / javaweb-vuln
  ☆27Updated this week
• securingdev / custom-codeql-queries
  Custom / Experimental CodeQL queries
  ☆37Updated 2 years ago