Alternatives and similar repositories for java-security-manager-bypass

Users that are interested in java-security-manager-bypass are comparing it to the libraries listed below

• Lonely-night / fastjson_gadgets_scanner
  ☆131Updated 2 years ago
• codeplutos / MySQL-JDBC-Deserialization-Payload
  MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
  ☆13Updated 5 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆251Updated 8 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 5 years ago
• bit4woo / Java_deserialize_vuln_lab
  Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
  ☆87Updated 6 years ago
• Ruil1n / after-deserialization-attack
  Java After-Deserialization Attack
  ☆79Updated 4 years ago
• JoyChou93 / trident
  Java通用漏洞修复安全组件
  ☆59Updated 7 years ago
• genxor / Deserialize
  ☆1Updated 6 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆104Updated 7 years ago
• Afant1 / RemoteObjectInvocationHandler
  bypass JEP290 RaspHook code
  ☆62Updated 4 years ago
• bigBestWay / ice
  Use java instrument API without JAR file
  ☆45Updated 2 years ago
• shengqi158 / Jackson-databind-RCE-PoC
  ☆81Updated 7 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆80Updated 5 years ago
• Ramos-dev / R9000
  ☆58Updated 5 years ago
• mogwailabs / rmi-deserialization
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆100Updated 5 years ago
• hex0wn / learn-java-bug
  ☆71Updated 2 years ago
• threedr3am / FindClassInJars
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Updated 5 years ago
• zsxsoft / reGeorg
  A modified reGeorg for One-line PHP Shell.
  ☆86Updated 6 years ago
• vulhub / java
  Java every minor versions.
  ☆70Updated 2 years ago
• QAX-A-Team / redis_lua_exploit
  ☆143Updated 6 years ago
• LeadroyaL / java-xxe-defense-demo
  java xxe defense demo
  ☆47Updated 5 years ago
• pwntester / BlockingServer
  Web Server that serves a single file and keeps the connection open until user releases it.
  ☆73Updated 11 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 6 years ago
• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆123Updated 3 years ago
• jas502n / kibana-RCE
  kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
  ☆89Updated 5 years ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆102Updated 5 years ago
• kingkaki / Struts2-Vulenv
  struts2 漏洞环境源代码
  ☆75Updated 2 years ago
• LeadroyaL / java_xxe_2019
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆57Updated 5 years ago
• proudwind / struts2_vulns
  Struts2 vuln env
  ☆43Updated 2 years ago
• doyensec / ajpfuzzer
  A command-line fuzzer for the Apache JServ Protocol (ajp13)
  ☆93Updated 2 years ago