Alternatives and similar repositories for SerialKiller

Users that are interested in SerialKiller are comparing it to the libraries listed below

• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆189Updated 9 years ago
• matthiaskaiser / jmet
  Java Message Exploitation Tool
  ☆506Updated 3 years ago
• dschadow / JavaSecurity
  Java web and command line applications demonstrating various security topics
  ☆237Updated 2 weeks ago
• pwntester / SerialKillerBypassGadgetCollection
  Collection of bypass gadgets to extend and wrap ysoserial payloads
  ☆374Updated 3 years ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆247Updated 8 years ago
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆85Updated 7 years ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆107Updated 9 years ago
• federicodotta / Java-Deserialization-Scanner
  All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
  ☆789Updated 3 years ago
• frohoff / marshalsec
  ☆74Updated 8 years ago
• NickstaDB / SerializationDumper
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,042Updated last year
• shengqi158 / fastjson-remote-code-execute-poc
  fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class，然后运行Poc.java
  ☆404Updated 2 years ago
• foxglovesec / JavaUnserializeExploits
  ☆496Updated 9 years ago
• NickstaDB / BaRMIe
  Java RMI enumeration and attack tool.
  ☆739Updated 7 years ago
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,048Updated 4 years ago
• dschadow / Java-Web-Security
  Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
  ☆220Updated 2 weeks ago
• joaomatosf / JavaDeserH2HC
  Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
  ☆508Updated 3 years ago
• nccgroup / freddy
  Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
  ☆579Updated 3 years ago
• cdaller / security_taint_propagation
  Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.
  ☆28Updated 6 years ago
• topolik / ois-dos
  Java Deserialization
  ☆26Updated 8 years ago
• ilmila / J2EEScan
  J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…
  ☆665Updated last year
• xbeark / javaopenrasp
  A Java Rasp Demo
  ☆102Updated 3 years ago
• NickstaDB / DeserLab
  Java deserialization exploitation lab.
  ☆234Updated 6 years ago
• coverity / coverity-security-library
  Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…
  ☆202Updated 9 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆251Updated 9 years ago
• veracode-research / spring-view-manipulation
  When MVC magic turns black
  ☆293Updated 4 years ago
• PaulSec / HQLmap
  (Deprecated) HQLmap, Automatic tool to exploit HQL injections
  ☆230Updated 5 years ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 6 years ago
• LeadroyaL / fastjson-blacklist
  ☆811Updated 3 years ago
• welk1n / JNDI-Injection-Bypass
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆481Updated 4 years ago