hex0wn/learn-java-bug external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hex0wn/learn-java-bug

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hex0wn/learn-java-bug)

Close

hex0wn / learn-java-bugView on GitHubMore

• External links
• Readme badge

☆73Jun 21, 2022Updated 3 years ago

Alternatives and similar repositories for learn-java-bug

Users that are interested in learn-java-bug are comparing it to the libraries listed below

• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• Ramos-dev / R9000

  View on GitHub
  ☆57Apr 27, 2020Updated 5 years ago
• R17a-17 / JavaVulnSummary

  View on GitHub
  Java漏洞分析汇合
  ☆142Dec 14, 2021Updated 4 years ago
• uknowsec / SharpSQLDump

  View on GitHub
  内网渗透中快速获取数据库所有库名，表名，列名。具体判断后再去翻数据，节省时间。适用于mysql，mssql。
  ☆198Nov 11, 2019Updated 6 years ago
• Ormicron / bcelkit

  View on GitHub
  BCEL编解码工具
  ☆16Aug 3, 2022Updated 3 years ago
• lalajun / RMIDeserialize

  View on GitHub
  RMI 反序列化环境 一步步
  ☆213Aug 31, 2020Updated 5 years ago
• AV1080p / polymarket-trading-bot

  View on GitHub
  ☆110Jan 26, 2026Updated last month
• c0ny1 / java-object-searcher

  View on GitHub
  java内存对象搜索辅助工具
  ☆823Sep 23, 2022Updated 3 years ago
• grayddq / EBurst

  View on GitHub
  这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
  ☆339May 22, 2023Updated 2 years ago
• March110 / javaweb-sec

  View on GitHub
  攻击Java Web应用-[Java Web安全]
  ☆15Dec 9, 2020Updated 5 years ago
• su18 / rasp-vuln

  View on GitHub
  当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
  ☆88Jul 21, 2022Updated 3 years ago
• Mochazz / Struts2-Vuln

  View on GitHub
  关于Struts2框架的历史漏洞个人分析文章
  ☆54Jun 17, 2020Updated 5 years ago
• safe6Sec / JavaDeserialization

  View on GitHub
  java反序列化学习笔记
  ☆16Nov 17, 2021Updated 4 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,015Oct 15, 2020Updated 5 years ago
• r00tuser111 / ActuatorExploitTools

  View on GitHub
  一款用于攻击spring boot actuator的集成环境，目前集成三种攻击方式，支持1.x、2.x
  ☆86Jul 26, 2021Updated 4 years ago
• Afant1 / RemoteObjectInvocationHandler

  View on GitHub
  bypass JEP290 RaspHook code
  ☆63Sep 21, 2020Updated 5 years ago
• GoSecure / dtd-finder

  View on GitHub
  List DTDs and generate XXE payloads using those local DTDs.
  ☆651Feb 21, 2024Updated 2 years ago
• kingkaki / Struts2-Vulenv

  View on GitHub
  struts2 漏洞环境源代码
  ☆75Jul 8, 2022Updated 3 years ago
• Artemis1029 / Java_xmlhack

  View on GitHub
  帮助java环境下任意文件下载情况自动化读取源码的小工具
  ☆166Apr 5, 2019Updated 6 years ago
• Y4er / fastjson-bypass-autotype-1.2.68

  View on GitHub
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆229Oct 12, 2022Updated 3 years ago
• pyn3rd / Spring-Boot-Vulnerability

  View on GitHub
  ☆423Jan 5, 2022Updated 4 years ago
• c0ny1 / FastjsonExploit

  View on GitHub
  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
  ☆1,389Dec 16, 2022Updated 3 years ago
• lufeirider / CVE-2019-2725

  View on GitHub
  CVE-2019-2725 命令回显
  ☆436May 8, 2023Updated 2 years ago
• iSafeBlue / redis-rce

  View on GitHub
  Redis RCE 的几种方法
  ☆90Jun 5, 2024Updated last year
• l3m0n / Bypass_Disable_functions_Shell

  View on GitHub
  一个各种方式突破Disable_functions达到命令执行的shell
  ☆1,198Oct 17, 2023Updated 2 years ago
• SummerSec / JavaLearnVulnerability

  View on GitHub
  Java漏洞学习笔记 Deserialization Vulnerability
  ☆946Jun 14, 2023Updated 2 years ago
• mstxq17 / cve-2020-1472

  View on GitHub
  cve-2020-1472 复现利用及其exp
  ☆112Sep 16, 2020Updated 5 years ago
• LandGrey / ClassHound

  View on GitHub
  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
  ☆712May 10, 2021Updated 4 years ago
• Ch1ngg / JCE

  View on GitHub
  JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
  ☆258Oct 29, 2021Updated 4 years ago
• ZeddYu / HTTP-Smuggling-Lab

  View on GitHub
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆346Nov 20, 2022Updated 3 years ago
• wh1t3p1g / ysomap

  View on GitHub
  A helpful Java Deserialization exploit framework.
  ☆1,242Feb 17, 2025Updated last year
• zema1 / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆357Sep 20, 2022Updated 3 years ago
• xiaopan233 / GenerateNoHard

  View on GitHub
  本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
  ☆93Feb 25, 2025Updated last year
• hktalent / CVE-2020-2551

  View on GitHub
  how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP
  ☆211Mar 5, 2023Updated 3 years ago
• Wker666 / javaHookFrameWork

  View on GitHub
  反编译 源代码级别的hook
  ☆36Aug 12, 2022Updated 3 years ago
• threedr3am / JSP-WebShells

  View on GitHub
  Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
  ☆1,405Jan 18, 2022Updated 4 years ago
• threedr3am / ZhouYu

  View on GitHub
  （周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
  ☆614Dec 29, 2021Updated 4 years ago
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• JustBeYou / ctfs

  View on GitHub
  Writeups and solver scripts wrote for CTFS and Wargames, mostly memory corruption and reverse engineering tasks.
  ☆12Feb 2, 2023Updated 3 years ago