hex0wn / learn-java-bugLinks

☆71

Alternatives and similar repositories for learn-java-bug

Users that are interested in learn-java-bug are comparing it to the libraries listed below

Sorting:

Ramos-dev / R9000
☆58Updated 5 years ago
jas502n / fastjson-RCE
fastjson-1.2.47
☆66Updated 5 years ago
kingkaki / Struts2-Vulenv
struts2 漏洞环境源代码
☆75Updated 2 years ago
bit4woo / Java_deserialize_vuln_lab
Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
☆87Updated 6 years ago
Afant1 / RemoteObjectInvocationHandler
bypass JEP290 RaspHook code
☆62Updated 4 years ago
shengqi158 / Jackson-databind-RCE-PoC
☆82Updated 7 years ago
jas502n / kibana-RCE
kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609
☆89Updated 5 years ago
jas502n / SHIRO-721
RememberMe Padding Oracle Vulnerability RCE
☆71Updated 5 years ago
Ruil1n / after-deserialization-attack
Java After-Deserialization Attack
☆79Updated 4 years ago
threedr3am / FindClassInJars
个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
☆60Updated 5 years ago
LeadroyaL / java-xxe-defense-demo
java xxe defense demo
☆48Updated 5 years ago
pwntester / codeql_grehack_workshop
GreHack 2021 CodeQL for Java workshop
☆75Updated 3 years ago
gitrobtest / Java-Security
Java Security Documents
☆80Updated 5 years ago
Lonely-night / fastjson_gadgets_scanner
☆131Updated 3 years ago
veracode-research / actuator-testbed
A vulnerable application exposing Spring Boot Actuators
☆122Updated 6 years ago
boy-hack / bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
☆24Updated 5 years ago
mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
☆50Updated 3 years ago
guimaizi / testing_wave
☆58Updated 5 years ago
kingkaki / ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆102Updated 5 years ago
genxor / Deserialize
☆1Updated 6 years ago
proudwind / struts2_vulns
Struts2 vuln env
☆43Updated 2 years ago
codeplutos / MySQL-JDBC-Deserialization-Payload
MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
☆13Updated 5 years ago
tobechenghuai / Shiro_721_Padding_Oracle_RCE
Shiro_721 exp 纯手工实现Padding Oracle整个过程
☆67Updated 5 years ago
aRe00t / rce-over-spark
Remote Command Execution Over Spark
☆96Updated 7 years ago
Al1ex / CVE-2020-36179
CVE-2020-36179~82 Jackson-databind SSRF&RCE
☆81Updated 4 years ago
QAX-A-Team / SerialWriter
SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
☆104Updated 7 years ago
LeadroyaL / java_xxe_2019
总结了一下2019年在JVM环境中使用XXE攻击的知识
☆57Updated 5 years ago
fnmsd / zimbra_poc
Zimbra XXE+SSRF+UPLOAD Poc
☆59Updated 5 years ago
jas502n / fastjson-1.2.58-rce
fastjson-1.2.58-rce with h2 database
☆34Updated 5 years ago
cowtowncoder / jackson-compat-minor
Test repository for verifying compatibility between adjacent minor versions
☆36Updated 3 months ago