kantega / notsoserial
Java Agent which mitigates deserialisation attacks by making certain classes unserializable
☆183Updated 8 years ago
Related projects: ⓘ
- A tiny Java agent that blocks attacks against unsafe deserialization☆82Updated 6 years ago
- Identify vulnerable libraries in Maven dependencies☆45Updated last year
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆103Updated 8 years ago
- A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.☆40Updated 3 years ago
- Java Deserialization☆26Updated 7 years ago
- Look-Ahead Java Deserialization Library☆400Updated 4 years ago
- A static analysis API for finding deserialization attack gadgets☆37Updated last year
- CVE database store☆129Updated 3 years ago
- Custom security ruleset for the popular Java static analysis tool PMD.☆61Updated 8 years ago
- Non-interactive Java debugger with Groovy☆79Updated 5 months ago
- ☆492Updated 8 years ago
- coverage guided fuzz testing for java☆227Updated 3 years ago
- ☆132Updated 8 years ago
- Hdiv CE | Application Self-Protection☆214Updated last week
- ☆70Updated 7 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 4 months ago
- Maven plugin for integrating with HCL AppScan Source☆9Updated 11 months ago
- Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.☆142Updated 7 years ago
- A static byte code analyzer for Java deserialization gadget research☆242Updated 7 years ago
- Serial Whitelist Application Trainer☆29Updated 5 years ago
- OWASP Security Logging library for Java☆113Updated 9 months ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆121Updated 6 years ago
- Mass scanner for the Java serialize bug☆148Updated 5 years ago
- From https://code.google.com/p/jdeserialize/☆34Updated 10 years ago
- Burp extension to perform Java Deserialization Attacks☆208Updated 7 months ago
- Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.☆159Updated 2 years ago
- Java Message Exploitation Tool☆492Updated 2 years ago
- Tool for introspection of SSL\TLS sessions☆137Updated last month
- Java web and command line applications demonstrating various security topics☆235Updated 2 weeks ago
- Evaluation Framework for Dependency Analysis (EFDA)☆40Updated 2 years ago