Alternatives and similar repositories for Java-Web-Security:

Users that are interested in Java-Web-Security are comparing it to the libraries listed below

• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆252Updated 8 years ago
• lightless233 / Java-Unserialization-Study
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆196Updated 6 years ago
• l3m0n / WebFuzzAttack
  web模糊测试 - 将漏洞可能性放大
  ☆147Updated 5 years ago
• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆114Updated 6 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆104Updated 6 years ago
• coffeehb / struts2_check
  一个用于识别目标网站是否采用Struts2框架开发的工具demo
  ☆162Updated 7 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆121Updated 5 years ago
• tdy218 / ysoserial-cve-2018-2628
  Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
  ☆114Updated 6 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆79Updated 5 years ago
• knownsec / wam
  Web App Monitor
  ☆227Updated 6 years ago
• mpgn / CVE-2019-0192
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆209Updated 5 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Updated 3 years ago
• xinali / wooyun
  wooyun public information backup
  ☆120Updated 7 years ago
• pyn3rd / CVE-2018-3245
  CVE-2018-3245-PoC
  ☆167Updated 3 years ago
• sie504 / Struts-S2-xxx
  整理收集Struts2漏洞环境
  ☆261Updated 7 years ago
• Tr3jer / dnsAutoRebinding
  ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
  ☆217Updated 7 years ago
• pwntester / SerialKillerBypassGadgetCollection
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆351Updated 2 years ago
• zhongshendoushuizhao / everydaylearn
  i`m a cat ~ find fish
  ☆92Updated 4 years ago
• MagicZer0 / fastjson-rce-exploit
  exploit for fastjson remote code execution vulnerability
  ☆152Updated 2 years ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 5 years ago
• hackping / XXEpayload
  ☆84Updated 5 years ago
• jas502n / cve-2019-2618
  Weblogic Upload Vuln(Need username password)-CVE-2019-2618
  ☆172Updated 5 years ago
• baidu-security / openrasp-testcases
  OpenRASP 漏洞测试环境
  ☆305Updated last year
• jasonsheh / SiteScan
  A tool help get the basic information of one site
  ☆109Updated 6 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆213Updated 4 years ago
• lijiejie / struts2_045_scan
  Struts2-045 Scanner
  ☆73Updated 7 years ago
• CHYbeta / WAF-Bypass
  WAF Bypass Cheatsheet
  ☆212Updated 7 years ago
• hackping / struts2
  ☆26Updated 6 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 5 years ago
• zhangzhenfeng / AnyScan
  AnyScan
  ☆101Updated 4 years ago