jeonglee / Libinjection
Libinjection in Java
☆37Updated 8 years ago
Related projects: ⓘ
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆203Updated 3 years ago
- Google V8 with OpenRASP builtins☆55Updated 3 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆306Updated 2 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆50Updated last year
- 分析验证安全漏洞,仅供学习☆21Updated 4 years ago
- 用于检测maven项目的第三方依赖组件是否存在安全漏洞。☆99Updated 2 years ago
- OpenRASP 漏洞测试环境☆300Updated 10 months ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆215Updated last week
- ☆39Updated 6 years ago
- docker 安全基线规范☆90Updated 6 years ago
- ☆202Updated this week
- SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.☆102Updated 6 years ago
- 三方依赖库扫描系统☆89Updated 3 years ago
- java xxe defense demo☆46Updated 5 years ago
- exploit for fastjson remote code execution vulnerability☆152Updated last year
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213Updated 4 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆57Updated 4 years ago
- 一款监控端口变化的系统——beholder_web端☆21Updated 3 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Updated 4 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 5 years ago
- ☆111Updated this week
- 基于 Docker 的真实应用测试环境☆262Updated last year
- Java Security Documents☆79Updated 5 years ago
- ☆129Updated 2 years ago
- docker remote api未授权访问的利用代码☆50Updated 7 years ago
- log4j2-vaccine☆85Updated 2 years ago
- ☆142Updated 2 years ago
- ☆263Updated this week
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆126Updated 4 years ago
- 更快速的进行Web应用指纹识别☆168Updated 5 years ago