Alternatives and similar repositories for custom-bytecode-analyzer:

Users that are interested in custom-bytecode-analyzer are comparing it to the libraries listed below

• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆104Updated 8 years ago
• cdaller / security_taint_propagation
  Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.
  ☆28Updated 6 years ago
• breenmachine / JavaUnserializeExploits
  ☆132Updated 9 years ago
• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆114Updated 6 years ago
• mbechler / serjs
  A Java serializer in JavaScript
  ☆82Updated 6 years ago
• 0ang3el / HQLi-playground
  ☆46Updated 8 years ago
• zerothoughts / jndipoc
  Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
  ☆42Updated 9 years ago
• LinkedInAttic / sometime
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Updated 7 years ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 5 years ago
• immunio / apache-struts2-CVE-2017-5638
  Demo Application and Exploit
  ☆35Updated 7 years ago
• JReFrameworker / JReFrameworker
  A practical tool for bytecode manipulation and creating Managed Code Rootkits (MCRs) in the Java Runtime Environment
  ☆58Updated 5 years ago
• manfiS / droidfuzzer
  A Modular Android Fuzzing Toolkit
  ☆29Updated 9 years ago
• codeplutos / java-security-manager-bypass
  ☆145Updated 5 years ago
• faketime-java / faketime
  Fake currentTimeMillis() without class loader hacks
  ☆119Updated 3 years ago
• topolik / ois-dos
  Java Deserialization
  ☆26Updated 8 years ago
• Barro / java-afl
  Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
  ☆90Updated 6 years ago
• rwincey / JavaShellcodeRunner
  JavaShellcodeRunner
  ☆10Updated 11 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 7 years ago
• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆46Updated 2 years ago
• programa-stic / Marvin-static-Analyzer
  Marvin static analyzer is an Android application vulnerability scanner. The framework uses androguard and Static Android Analysis Framewo…
  ☆68Updated 6 years ago
• plast-lab / native-scanner
  An analyzer of JNI code that matches native code information with Java code
  ☆22Updated 3 years ago
• retme7 / My-Slides
  My slides
  ☆89Updated 5 years ago
• Contrast-Security-OSS / jinfinity
  An API for consuming all the memory of Java apps using deserialization
  ☆28Updated 9 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆252Updated 8 years ago
• nowsecure / android-rce-multidex-and-zip-files
  PoC code for android RCE with multidex and ZIP files
  ☆40Updated 9 years ago
• aylhex / ApkSecurityAnalysis
  ApkSecurityAnalysis
  ☆65Updated 5 years ago
• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆189Updated 8 years ago
• GrrrDog / ZeroNights-HackQuest-2016
  2 web tasks from ZeroNights HackQuest 2016
  ☆50Updated 7 years ago
• MindMac / IntentFuzzer
  A Tool to fuzz Intent on Android
  ☆173Updated 6 years ago