ikkisoft / SerialKillerLinks
Look-Ahead Java Deserialization Library
☆416Updated 5 years ago
Alternatives and similar repositories for SerialKiller
Users that are interested in SerialKiller are comparing it to the libraries listed below
Sorting:
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,034Updated 4 years ago
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆188Updated 9 years ago
- Java Message Exploitation Tool☆502Updated 2 years ago
- A static byte code analyzer for Java deserialization gadget research☆243Updated 8 years ago
- Java RMI enumeration and attack tool.☆734Updated 7 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,034Updated last year
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆369Updated 3 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆784Updated 3 years ago
- ☆495Updated 9 years ago
- Java web and command line applications demonstrating various security topics☆237Updated this week
- A tiny Java agent that blocks attacks against unsafe deserialization☆85Updated 7 years ago
- ☆74Updated 8 years ago
- Java deserialization exploitation lab.☆235Updated 6 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆481Updated 4 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆107Updated 9 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆507Updated 3 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆404Updated 2 years ago
- ☆133Updated 9 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆218Updated last week
- ☆809Updated 3 years ago
- ☆331Updated 2 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆576Updated 3 years ago
- Hdiv CE | Application Self-Protection☆215Updated 6 months ago
- (Deprecated) HQLmap, Automatic tool to exploit HQL injections☆230Updated 5 years ago
- A collection of curated Java Deserialization Exploits☆593Updated 4 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆661Updated last year
- Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…☆202Updated 8 years ago
- java source code static code analysis and danger function identify prog☆535Updated 6 years ago
- a webshell resides in the memory of java web server☆675Updated 6 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 6 years ago