dschadow / Java-Web-Security
Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
☆217Updated this week
Alternatives and similar repositories for Java-Web-Security:
Users that are interested in Java-Web-Security are comparing it to the libraries listed below
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Updated 3 years ago
- JRE8u20_RCE_Gadget☆251Updated 8 years ago
- Spring messaging STOMP protocol RCE☆114Updated 6 years ago
- QAQ Just study unserialize vulnerabilities in Java :)☆196Updated 6 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Updated 7 years ago
- web模糊测试 - 将漏洞可能性放大☆147Updated 5 years ago
- Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch☆114Updated 6 years ago
- Java Security Documents☆79Updated 5 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 5 years ago
- Weblogic Upload Vuln(Need username password)-CVE-2019-2618☆172Updated 5 years ago
- 一个用于识别目标网站是否采用Struts2框架开发的工具demo☆163Updated 7 years ago
- A vulnerable application exposing Spring Boot Actuators☆121Updated 6 years ago
- SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.☆104Updated 7 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)�导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213Updated 4 years ago
- Java web and command line applications demonstrating various security topics☆237Updated this week
- Web App Monitor☆227Updated 6 years ago
- ******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-01…☆111Updated 7 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆351Updated 2 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆209Updated 6 years ago
- WebLogic wls9-async反序列化远程命令执行漏洞☆241Updated 5 years ago
- Struts2-045 Scanner☆74Updated 7 years ago
- ☆1Updated 3 years ago
- 整理收集Struts2漏洞环境☆262Updated 7 years ago
- CVE-2018-3245-PoC☆167Updated 3 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆150Updated 6 years ago
- browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…☆116Updated 7 years ago
- Confluence 未授权 RCE (CVE-2019-3396) 漏洞☆144Updated 5 years ago
- XSS_Filter_Evasion_Cheat_Sheet 中文版☆78Updated 10 years ago
- i`m a cat ~ find fish☆92Updated 4 years ago
- weblogic t3 deserialization rce☆268Updated 7 years ago