Alternatives and similar repositories for Java-Web-Security

Users that are interested in Java-Web-Security are comparing it to the libraries listed below

• tdy218 / ysoserial-cve-2018-2628
  Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
  ☆114Updated 7 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Updated 4 years ago
• coffeehb / struts2_check
  一个用于识别目标网站是否采用Struts2框架开发的工具demo
  ☆163Updated 7 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆251Updated 8 years ago
• l3m0n / WebFuzzAttack
  web模糊测试 - 将漏洞可能性放大
  ☆148Updated 6 years ago
• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆113Updated 7 years ago
• lightless233 / Java-Unserialization-Study
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆196Updated 6 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆80Updated 5 years ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 6 years ago
• mtxiaowangzi / CAFJE
  又一个Java Web代码审计工具
  ☆100Updated 7 years ago
• Yt1g3r / CVE-2019-3396_EXP
  CVE-2019-3396 confluence SSTI RCE
  ☆174Updated 4 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆104Updated 7 years ago
• sie504 / Struts-S2-xxx
  整理收集Struts2漏洞环境
  ☆263Updated 7 years ago
• vulhub / java
  Java every minor versions.
  ☆70Updated 2 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 6 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆213Updated 5 years ago
• lcatro / PHP_Source_Audit_Tools
  PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能
  ☆147Updated 7 years ago
• Tr3jer / dnsAutoRebinding
  ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
  ☆217Updated 7 years ago
• SewellDinG / LearnSQLin
  📖面向MySQL注入的一些技巧
  ☆31Updated 8 years ago
• nnewkin / Poc_Pentest
  ☆1Updated 3 years ago
• knownsec / wam
  Web App Monitor
  ☆226Updated 6 years ago
• jas502n / jackson-CVE-2020-8840
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆74Updated 5 years ago
• hackping / XXEpayload
  ☆85Updated 5 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 5 years ago
• mpgn / CVE-2019-0192
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Updated 6 years ago
• lijiejie / struts2_045_scan
  Struts2-045 Scanner
  ☆74Updated 8 years ago
• lcatro / browser_vuln_check
  browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…
  ☆117Updated 7 years ago
• dschadow / JavaSecurity
  Java web and command line applications demonstrating various security topics
  ☆237Updated this week
• dmchell / metasploit-framework
  Metasploit Framework
  ☆42Updated 8 years ago
• bigsizeme / burplugin-java-rce
  ******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-01…
  ☆110Updated 7 years ago