frohoff / serialysis

Related projects: ⓘ

• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆45Updated last year
• frohoff / jdeserialize
  From https://code.google.com/p/jdeserialize/
  ☆34Updated 10 years ago
• OWASP / url-classifier
  Declarative syntax for defining sets of URLs. No need for error-prone regexs.
  ☆20Updated 5 years ago
• carterjones / javasnoop
  Automatically exported from code.google.com/p/javasnoop
  ☆27Updated 9 years ago
• JReFrameworker / JReFrameworker
  A practical tool for bytecode manipulation and creating Managed Code Rootkits (MCRs) in the Java Runtime Environment
  ☆56Updated 4 years ago
• kiview / damn-vulnerable-spring-boot-app
  Spring-Boot app for demonstrating security vulnaribilities
  ☆13Updated 5 years ago
• OpenSecurityResearch / jmsdigger
  JMSDigger is JMS API basedEnterprise Messaging Application assessment tool
  ☆31Updated 10 years ago
• find-sec-bugs / find-sec-bugs-demos
  Repository to showcase various configuration recipes with various technologies
  ☆35Updated last year
• fbogner / race2rce
  A PoC that shows that Web Vulnerabilities can indeed be interesting
  ☆19Updated 6 years ago
• hacktics / vehicle
  Viewstate Hidden Control Enumerator
  ☆17Updated 11 years ago
• ikoz / cert-pinning-flaw-poc
  Simple script for testing CVE-2016-2402 and similar flaws
  ☆13Updated 8 years ago
• fergarrui / custom-bytecode-analyzer
  Java bytecode analyzer customizable via JSON rules
  ☆74Updated 6 years ago
• mveytsman / dilettante
  Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.
  ☆159Updated 2 years ago
• coverity / pie
  Policy Instantiation and Enforcement (PIE)
  ☆9Updated 9 years ago
• asanso / jwe-sender
  ☆11Updated 7 years ago
• wsargent / securityfixer
  Experimental Java agent to stomp on things.
  ☆15Updated 5 years ago
• shawnmckinney / remote-code-execution-sample
  Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
  ☆25Updated 9 months ago
• cschneider4711 / SWAT
  Serial Whitelist Application Trainer
  ☆29Updated 5 years ago
• waratek / spiracle
  Insecure web application used to test system security controls
  ☆13Updated 2 weeks ago
• Contrast-Security-OSS / jinfinity
  An API for consuming all the memory of Java apps using deserialization
  ☆28Updated 8 years ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆103Updated 8 years ago
• Checkmarx / WebViewGoat
  A deliberately vulnerable Android application to demonstrate exfiltration scenarios
  ☆11Updated 4 years ago
• openhab / static-code-analysis
  Maven tooling for static code analysis
  ☆32Updated last month
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆23Updated last year
• typetools / sparta
  Static Program Analysis for Reliable Trusted Apps
  ☆21Updated 5 years ago
• DirectDefense-zz / SuperSerial
  ☆75Updated this week
• bradsdavis / candle-decompiler
  Candle Decompiler
  ☆82Updated 10 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 4 months ago
• rcseacord / JavaSCR
  Secure Coding Rules for Java
  ☆30Updated last year
• jenkinsci / contrast-continuous-application-security-plugin
  Jenkins Plugin from Contrast Security
  ☆13Updated last month