ikkisoft / SerialKillerLinks
Look-Ahead Java Deserialization Library
☆414Updated 5 years ago
Alternatives and similar repositories for SerialKiller
Users that are interested in SerialKiller are comparing it to the libraries listed below
Sorting:
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆188Updated 9 years ago
- Java web and command line applications demonstrating various security topics☆237Updated last week
- A tiny Java agent that blocks attacks against unsafe deserialization☆83Updated 7 years ago
- Java Message Exploitation Tool☆502Updated 2 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,031Updated 11 months ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,032Updated 3 years ago
- A static byte code analyzer for Java deserialization gadget research☆243Updated 8 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆785Updated 3 years ago
- ☆495Updated 9 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆358Updated 3 years ago
- ☆74Updated 8 years ago
- Java RMI enumeration and attack tool.☆732Updated 7 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆107Updated 9 years ago
- ☆331Updated 2 years ago
- Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other…☆201Updated 8 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆217Updated last week
- ☆808Updated 2 years ago
- Java deserialization exploitation lab.☆235Updated 6 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆404Updated 2 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆481Updated 4 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 6 years ago
- Burp extension to perform Java Deserialization Attacks☆212Updated last year
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆576Updated 3 years ago
- Vulnerable Java based Web Application☆267Updated 11 months ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆503Updated 3 years ago
- ☆133Updated 9 years ago
- ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for progr…☆632Updated 2 weeks ago
- (Deprecated) HQLmap, Automatic tool to exploit HQL injections☆229Updated 5 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- java source code static code analysis and danger function identify prog☆535Updated 6 years ago