dschadow / JavaSecurity

Related projects ⓘ

Alternatives and complementary repositories for JavaSecurity

• dschadow / Java-Web-Security
  Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
  ☆215Updated last week
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆252Updated 8 years ago
• mpgn / Spring-Boot-Actuator-Exploit
  Spring Boot Actuator (jolokia) XXE/RCE
  ☆317Updated 4 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Updated 3 years ago
• mogwailabs / rmi-deserialization
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Updated 5 years ago
• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆114Updated 6 years ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 5 years ago
• pwntester / SerialKillerBypassGadgetCollection
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆350Updated 2 years ago
• frohoff / marshalsec
  ☆72Updated 7 years ago
• NickstaDB / DeserLab
  Java deserialization exploitation lab.
  ☆237Updated 5 years ago
• longofo / rmi-jndi-ldap-jrmp-jmx-jms
  rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
  ☆306Updated 2 years ago
• wh1t3p1g / ysoserial
  forked from frohoff/ysoserial and added my own payloads.
  ☆149Updated 4 years ago
• matthiaskaiser / jmet
  Java Message Exploitation Tool
  ☆493Updated 2 years ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆241Updated 7 years ago
• kxcode / JNDI-Exploit-Bypass-Demo
  Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>
  ☆260Updated 2 years ago
• momosecurity / mosec-maven-plugin
  用于检测maven项目的第三方依赖组件是否存在安全漏洞。
  ☆100Updated 2 years ago
• ozzi- / JWT4B
  JWT Support for Burp
  ☆248Updated 3 months ago
• codeplutos / java-security-manager-bypass
  ☆141Updated 5 years ago
• MagicZer0 / fastjson-rce-exploit
  exploit for fastjson remote code execution vulnerability
  ☆152Updated last year
• lightless233 / Java-Unserialization-Study
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆197Updated 6 years ago
• baidu-security / openrasp-testcases
  OpenRASP 漏洞测试环境
  ☆304Updated last year
• veracode-research / spring-view-manipulation
  When MVC magic turns black
  ☆286Updated 4 years ago
• cn-panda / logbackRceDemo
  The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…
  ☆83Updated 2 years ago
• ikkisoft / SerialKiller
  Look-Ahead Java Deserialization Library
  ☆405Updated 4 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• mpgn / CVE-2019-7238
  🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
  ☆149Updated 5 years ago
• gitrobtest / Java-Security
  Java Security Documents
  ☆79Updated 5 years ago
• artsploit / SecLists
  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …
  ☆139Updated 5 years ago