guardrailsio/awesome-java-security external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

guardrailsio/awesome-java-security

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/guardrailsio/awesome-java-security)

Close

guardrailsio / awesome-java-securityView on GitHubMore

• External links
• Readme badge

Awesome Java Security Resources 🕶☕🔐

☆317Aug 24, 2023Updated 2 years ago

Alternatives and similar repositories for awesome-java-security

Users that are interested in awesome-java-security are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Ant-FG-Lab / non_RCE

  View on GitHub
  ☆41Mar 10, 2021Updated 5 years ago
• LyleMi / papers

  View on GitHub
  Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记
  ☆379Jan 26, 2024Updated 2 years ago
• 1lastBr3ath / XSleaks

  View on GitHub
  Chrome extension to detect possible xsleaks
  ☆12May 4, 2019Updated 6 years ago
• mi1k7ea / M7-03

  View on GitHub
  个人使用的一款Web CMS指纹扫描器
  ☆25Aug 4, 2020Updated 5 years ago
• dschadow / JavaSecurity

  View on GitHub
  Java web and command line applications demonstrating various security topics
  ☆238Updated this week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• pwntester / SerialKillerBypassGadgetCollection

  View on GitHub
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆387Apr 16, 2022Updated 4 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• Tom4t0 / My-CTF-Challenges

  View on GitHub
  ☆17May 29, 2018Updated 7 years ago
• fairyming / CVE-2020-9548

  View on GitHub
  CVE-2020-9548：FasterXML/jackson-databind 远程代码执行漏洞
  ☆24Mar 2, 2020Updated 6 years ago
• kai5263499 / awesome-container-security

  View on GitHub
  Awesome list of resources related to container security
  ☆247Apr 7, 2026Updated 3 weeks ago
• veracode-research / actuator-testbed

  View on GitHub
  A vulnerable application exposing Spring Boot Actuators
  ☆123Feb 25, 2019Updated 7 years ago
• BishopFox / rmiscout

  View on GitHub
  RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
  ☆448Sep 7, 2022Updated 3 years ago
• pwntester / XStreamPOC

  View on GitHub
  POC for XStream RCE
  ☆13Dec 23, 2013Updated 12 years ago
• PalindromeLabs / Java-Deserialization-CVEs

  View on GitHub
  Compiled dataset of Java deserialization CVEs
  ☆60Aug 31, 2020Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• GrrrDog / Java-Deserialization-Cheat-Sheet

  View on GitHub
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,173May 26, 2023Updated 2 years ago
• voidfyoo / rwctf-2021-old-system

  View on GitHub
  ☆78Jan 12, 2021Updated 5 years ago
• JackOfMostTrades / gadgetinspector

  View on GitHub
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,081Jun 15, 2021Updated 4 years ago
• hex0wn / learn-java-bug

  View on GitHub
  ☆74Jun 21, 2022Updated 3 years ago
• Ruil1n / after-deserialization-attack

  View on GitHub
  Java After-Deserialization Attack
  ☆78Apr 26, 2021Updated 5 years ago
• AntoineRondelet / uxss-vulnerabilities-research

  View on GitHub
  Some research on UXSS vulnerabilities in web browsers
  ☆12May 14, 2018Updated 7 years ago
• githubsatelliteworkshops / codeql

  View on GitHub
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆211Sep 27, 2024Updated last year
• terjanq / Easter-xss-challenge

  View on GitHub
  Inti easter challenge poc
  ☆17May 4, 2021Updated 4 years ago
• duyet / awesome-web-scraper

  View on GitHub
  A collection of awesome web scaper, crawler.
  ☆285Apr 4, 2024Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• vaib25vicky / awesome-mobile-security

  View on GitHub
  An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respect…
  ☆3,465Mar 1, 2024Updated 2 years ago
• kemrec / OSWE-Preparation

  View on GitHub
  Lots of POC Codes & Preparation materials, scripts, discovery processes in there.
  ☆16Feb 8, 2024Updated 2 years ago
• CodeReaderMe / awesome-code-reading

  View on GitHub
  A curated list of high-quality codebases to read and study. Read more code!
  ☆385Oct 25, 2018Updated 7 years ago
• Cryin / JavaID

  View on GitHub
  java source code static code analysis and danger function identify prog
  ☆536Feb 18, 2019Updated 7 years ago
• ODDFuzz / ODDFuzz

  View on GitHub
  S&P2023 Paper
  ☆39Aug 20, 2022Updated 3 years ago
• mogwailabs / rmi-deserialization

  View on GitHub
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Sep 20, 2019Updated 6 years ago
• tothi / ctfs

  View on GitHub
  some example ctf writeups
  ☆27Oct 23, 2020Updated 5 years ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆613Mar 4, 2021Updated 5 years ago
• wh1t3p1g / ysomap

  View on GitHub
  A helpful Java Deserialization exploit framework.
  ☆1,241Feb 17, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• cornerpirate / java-stager

  View on GitHub
  A PoC Java Stager which can download, compile, and execute a Java file in memory.
  ☆108Aug 6, 2018Updated 7 years ago
• wafinfo / SyscallLoader

  View on GitHub
  SyscallLoader
  ☆11Sep 13, 2021Updated 4 years ago
• Ppsoft1991 / CodeReviewTools

  View on GitHub
  通过正则搜索、批量反编译特定Jar包中的class名称
  ☆322Dec 9, 2021Updated 4 years ago
• NickstaDB / SerializationDumper

  View on GitHub
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,069Jun 21, 2024Updated last year
• unicodeveloper / awesome-documentation-tools

  View on GitHub
  All the tools, processes and resources you need to create an awesome API & Project documentation
  ☆217Mar 11, 2026Updated last month
• Metarget / awesome-cloud-native-security

  View on GitHub
  awesome resources about cloud native security 🐿
  ☆327Nov 4, 2023Updated 2 years ago
• reyronald / awesome-toolkits

  View on GitHub
  A curated list of open source, high-quality, popular and well maintained "zero-configuration" (#0CJS) toolkits
  ☆548Dec 22, 2019Updated 6 years ago