Alternatives and similar repositories for JavaSecurity

Users that are interested in JavaSecurity are comparing it to the libraries listed below

• dschadow / Java-Web-Security
  Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
  ☆219Updated 2 weeks ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆123Updated 6 years ago
• mogwailabs / rmi-deserialization
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆100Updated 5 years ago
• momosecurity / mosec-maven-plugin
  用于检测maven项目的第三方依赖组件是否存在安全漏洞。
  ☆103Updated 3 years ago
• frohoff / marshalsec
  ☆74Updated 8 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆251Updated 9 years ago
• mpgn / Spring-Boot-Actuator-Exploit
  Spring Boot Actuator (jolokia) XXE/RCE
  ☆319Updated 5 years ago
• jas502n / jackson-CVE-2020-8840
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆74Updated 5 years ago
• cn-panda / logbackRceDemo
  The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…
  ☆87Updated 3 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• codeplutos / java-security-manager-bypass
  ☆147Updated 6 years ago
• pwntester / SerialKillerBypassGadgetCollection
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆374Updated 3 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Updated 4 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆80Updated 5 years ago
• PortSwigger / j2ee-scan
  J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…
  ☆75Updated 3 years ago
• ikkisoft / SerialKiller
  Look-Ahead Java Deserialization Library
  ☆418Updated 5 years ago
• JavanXD / Demo-Exploit-Jackson-RCE
  Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
  ☆18Updated 6 years ago
• artsploit / SecLists
  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …
  ☆140Updated 6 years ago
• mogwailabs / deserialization-filter-blacklists
  Native Java serialization filter blacklist for common gadgets
  ☆20Updated 5 years ago
• hex0wn / learn-java-bug
  ☆73Updated 3 years ago
• quentinhardy / jndiat
  JNDI Attacking Tool
  ☆241Updated 3 years ago
• appsecco / json-flash-csrf-poc
  This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
  ☆77Updated 7 years ago
• LeadroyaL / java-xxe-defense-demo
  java xxe defense demo
  ☆49Updated 6 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆123Updated 7 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆51Updated 3 years ago
• pyn3rd / Apache-Tomcat-MongoDB-Remote-Code-Execution
  Apache Tomcat + MongoDB Remote Code Execution
  ☆114Updated 4 years ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆247Updated 8 years ago
• Bort-Millipede / WLT3Serial
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆35Updated 5 years ago
• mpgn / CVE-2019-7238
  🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
  ☆152Updated 6 years ago
• pplsec / JavaVul
  JAVA Vul Code JAVA常见漏洞与防御代码示例
  ☆10Updated 6 years ago