Awesome Java Security Resources 🕶☕🔐
☆316Aug 24, 2023Updated 2 years ago
Alternatives and similar repositories for awesome-java-security
Users that are interested in awesome-java-security are comparing it to the libraries listed below
Sorting:
- Awesome Python Security resources 🕶🐍🔐☆956Aug 24, 2023Updated 2 years ago
- Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记☆380Jan 26, 2024Updated 2 years ago
- 个人使用的一款Web CMS指纹扫描器☆25Aug 4, 2020Updated 5 years ago
- ☆41Mar 10, 2021Updated 4 years ago
- Java web and command line applications demonstrating various security topics☆237Feb 20, 2026Updated last week
- Chrome extension to detect possible xsleaks☆12May 4, 2019Updated 6 years ago
- ☆73Jun 21, 2022Updated 3 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆446Sep 7, 2022Updated 3 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- Awesome list of resources related to container security☆247Feb 23, 2026Updated last week
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,079Jun 15, 2021Updated 4 years ago
- ☆17May 29, 2018Updated 7 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 7 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Finding Java gadget chains with CodeQL☆185Jan 14, 2025Updated last year
- Java After-Deserialization Attack☆79Apr 26, 2021Updated 4 years ago
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆211Sep 27, 2024Updated last year
- CVE-2020-9548:FasterXML/jackson-databind 远程代码执行漏洞☆24Mar 2, 2020Updated 6 years ago
- ☆78Jan 12, 2021Updated 5 years ago
- A helpful Java Deserialization exploit framework.☆1,240Feb 17, 2025Updated last year
- A tool to dump Java serialization streams in a more human readable form.☆1,066Jun 21, 2024Updated last year
- An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respect…☆3,423Mar 1, 2024Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- awesome resources about cloud native security 🐿☆324Nov 4, 2023Updated 2 years ago
- All the tools, processes and resources you need to create an awesome API & Project documentation☆215Oct 3, 2018Updated 7 years ago
- The repository for Building visualisation platforms for OSINT data using open source solutions☆29Aug 21, 2018Updated 7 years ago
- A collection of public security audits.☆208Dec 3, 2019Updated 6 years ago
- A curated list of open source, high-quality, popular and well maintained "zero-configuration" (#0CJS) toolkits☆549Dec 22, 2019Updated 6 years ago
- A collection of awesome web scaper, crawler.☆283Apr 4, 2024Updated last year
- Compiled dataset of Java deserialization CVEs☆60Aug 31, 2020Updated 5 years ago
- 通过正则搜索、批量反编译特定Jar包中的class名称☆320Dec 9, 2021Updated 4 years ago
- S&P2023 Paper☆39Aug 20, 2022Updated 3 years ago
- Curated collection of useful little Java functions that you can understand quickly☆1,056Sep 26, 2022Updated 3 years ago
- 利用链、漏洞检测工具☆373Jul 31, 2024Updated last year
- Alleycat plugin by devttys0, ported to IDA 8☆11Jan 15, 2025Updated last year
- RTL-SDR 433MHz signal recovery with MATLAB☆12Feb 13, 2015Updated 11 years ago
- Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.☆13Dec 1, 2023Updated 2 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago