Alternatives and similar repositories for ysoserial

Users that are interested in ysoserial are comparing it to the libraries listed below

• iSafeBlue / fastjson-autotype-bypass-demo
  fastjson 1.2.68 版本 autotype bypass
  ☆141Updated 3 years ago
• Afant1 / JavaSearchTools
  ☆61Updated 4 years ago
• uknowsec / BurpSuite-Extender-fastjson
  Reference：https://www.w2n1ck.com/article/44/
  ☆155Updated 5 years ago
• jas502n / CVE-2019-2888
  WebLogic EJBTaglibDescriptor XXE漏洞(CVE-2019-2888)
  ☆59Updated 5 years ago
• potats0 / javaSerializationTools
  ☆142Updated 4 years ago
• wuppp / shiro_rce_exp
  Shiro RCE (Padding Oracle Attack)
  ☆145Updated 5 years ago
• lalajun / RMIDeserialize
  RMI 反序列化环境 一步步
  ☆213Updated 5 years ago
• jas502n / SHIRO-721
  RememberMe Padding Oracle Vulnerability RCE
  ☆71Updated 5 years ago
• Mochazz / Struts2-Vuln
  关于Struts2框架的历史漏洞个人分析文章
  ☆54Updated 5 years ago
• Y4er / fastjson-bypass-autotype-1.2.68
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆227Updated 2 years ago
• DSO-Lab / defvul
  DSO-Lab 漏洞研究成果整理
  ☆83Updated 3 years ago
• jas502n / xxl-job
  xxl-job RESTful API RCE
  ☆72Updated 4 years ago
• timwhitez / Frog-Fp
  🐸fingerprint detect framework 批量深度指纹识别框架
  ☆120Updated 2 years ago
• 1c3z / fileleak
  又一款敏感文件泄漏检测工具
  ☆105Updated 5 years ago
• jas502n / SHIRO-550
  Shiro RememberMe 1.2.4 反序列化 漏洞
  ☆55Updated 5 years ago
• kingkaki / Struts2-Vulenv
  struts2 漏洞环境源代码
  ☆75Updated 3 years ago
• admintony / shiro_rememberMe_Rce
  利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。
  ☆123Updated 5 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 5 years ago
• Artemis1029 / Java_xmlhack
  帮助java环境下任意文件下载情况自动化读取源码的小工具
  ☆167Updated 6 years ago
• Afant1 / RemoteObjectInvocationHandler
  bypass JEP290 RaspHook code
  ☆62Updated 4 years ago
• TheKingOfDuck / paramFuzzer
  一款高效的参数fuzz工具|A faster param fuzzing test tool
  ☆102Updated 4 years ago
• langligelang / CAS_EXP
  CAS 硬编码 远程代码执行漏洞
  ☆126Updated 4 years ago
• r35tart / RedisDirScan
  此脚本用于测试 Rdies 未授权访问，在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下，进行WEB目录探测
  ☆73Updated 6 years ago
• w0x68y / bypassWAF
  bypassD盾、安全狗、云锁
  ☆107Updated 4 years ago
• LS95 / gopher-redis-auth
  This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容，用于SSRF等利用。
  ☆118Updated 6 years ago
• cowtowncoder / jackson-compat-minor
  Test repository for verifying compatibility between adjacent minor versions
  ☆36Updated 6 months ago
• iSafeBlue / redis-rce
  Redis RCE 的几种方法
  ☆90Updated last year
• Y4er / yaml-payload
  Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg
  ☆135Updated 4 years ago
• dpu / coremail-address-book
  📧Coremail邮件系统组织通讯录导出脚本
  ☆158Updated 3 years ago
• whirlwind110 / tphack
  Thinkphp3/5 Log文件泄漏利用工具
  ☆60Updated 7 years ago