ikkisoft / SerialKillerLinks
Look-Ahead Java Deserialization Library
☆422Updated 5 years ago
Alternatives and similar repositories for SerialKiller
Users that are interested in SerialKiller are comparing it to the libraries listed below
Sorting:
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆190Updated 9 years ago
- Java Message Exploitation Tool☆509Updated 3 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆381Updated 3 years ago
- Java web and command line applications demonstrating various security topics☆237Updated this week
- A static byte code analyzer for Java deserialization gadget research☆250Updated 8 years ago
- ☆497Updated 9 years ago
- A tiny Java agent that blocks attacks against unsafe deserialization☆86Updated 7 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆108Updated 9 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆796Updated 3 years ago
- Java RMI enumeration and attack tool.☆743Updated 8 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆405Updated 2 years ago
- ☆75Updated 8 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆221Updated this week
- A Java Rasp Demo☆103Updated 3 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 6 years ago
- JRE8u20_RCE_Gadget☆253Updated 9 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,062Updated 4 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,052Updated last year
- Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.☆28Updated 6 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆515Updated 3 years ago
- Java deserialization exploitation lab.☆235Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆580Updated 4 years ago
- ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for progr…☆641Updated this week
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆175Updated 9 years ago
- Java Deserialization☆26Updated 8 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- ☆133Updated 9 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆482Updated 4 years ago
- Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…☆203Updated 9 years ago
- ☆333Updated 2 years ago