Alternatives and similar repositories for Java-Web-Security

Users that are interested in Java-Web-Security are comparing it to the libraries listed below

• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆113Updated 7 years ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 6 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆251Updated 8 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Updated 4 years ago
• lightless233 / Java-Unserialization-Study
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆196Updated 6 years ago
• l3m0n / WebFuzzAttack
  web模糊测试 - 将漏洞可能性放大
  ☆148Updated 6 years ago
• Tr3jer / dnsAutoRebinding
  ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
  ☆217Updated 7 years ago
• coffeehb / struts2_check
  一个用于识别目标网站是否采用Struts2框架开发的工具demo
  ☆163Updated 7 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆80Updated 5 years ago
• tdy218 / ysoserial-cve-2018-2628
  Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
  ☆114Updated 7 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 6 years ago
• mpgn / CVE-2019-0192
  RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
  ☆210Updated 6 years ago
• threedr3am / tomcat-cluster-session-sync-exp
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆213Updated 5 years ago
• hackping / struts2
  ☆26Updated 6 years ago
• jas502n / cve-2019-2618
  Weblogic Upload Vuln(Need username password)-CVE-2019-2618
  ☆173Updated 6 years ago
• zhongshendoushuizhao / everydaylearn
  i`m a cat ~ find fish
  ☆92Updated 4 years ago
• jas502n / CVE-2019-3396
  Confluence 未授权 RCE (CVE-2019-3396) 漏洞
  ☆144Updated 5 years ago
• xinali / wooyun
  wooyun public information backup
  ☆121Updated 8 years ago
• jas502n / jackson-CVE-2020-8840
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆74Updated 5 years ago
• QAX-A-Team / SerialWriter
  SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  ☆104Updated 7 years ago
• mpgn / CVE-2019-7238
  🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
  ☆151Updated 6 years ago
• lcatro / PHP_Source_Audit_Tools
  PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能
  ☆147Updated 7 years ago
• knownsec / wam
  Web App Monitor
  ☆226Updated 6 years ago
• LandGrey / CVE-2018-2894
  CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script
  ☆139Updated 6 years ago
• PolarisLab / SecPaper
  SecurityPaper For www.polaris-lab.com
  ☆104Updated 6 years ago
• sie504 / Struts-S2-xxx
  整理收集Struts2漏洞环境
  ☆263Updated 7 years ago
• nnewkin / Poc_Pentest
  ☆1Updated 3 years ago
• jas502n / fastjson-RCE
  fastjson-1.2.47
  ☆66Updated 5 years ago
• pyn3rd / CVE-2018-3245
  CVE-2018-3245-PoC
  ☆167Updated 3 years ago
• hanc00l / weblogic_unserialize_exploit
  java unserialize vul for weblogic exploit
  ☆175Updated 6 years ago