leihehehe / Java-deserialization-vulnerabilityLinks

Personal notes for Java Deserialization Vulnerability. 对应Java反序列化漏洞利用链集合详解、个人笔记

☆18

Alternatives and similar repositories for Java-deserialization-vulnerability

Users that are interested in Java-deserialization-vulnerability are comparing it to the libraries listed below

Sorting:

tangxiaofeng7 / Spring-Cloud-Function-Spel
Spring Cloud Function Spel命令执行漏洞
☆39Updated 3 years ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆103Updated 4 years ago
S9MF / ShiroScan2
基于BurpShiroPassiveScan修改增加了Xray回显链生成
☆56Updated 3 years ago
lz520520 / encrypt-js
☆34Updated 3 years ago
Jeromeyoung / log4j2burpscanner
CVE-2021-44228，log4j2 burp插件 Java版本，dnslog选取了非dnslog.cn域名
☆32Updated 4 years ago
8ypass / weblogicExploit
weblogic历史漏洞利用工具
☆91Updated 3 years ago
j2ekim / Security_Service_Interviews
安服面经☞渗透测试/代码审计/安全研究
☆28Updated 3 years ago
safe6Sec / JavaDeserialization
java反序列化学习笔记
☆16Updated 4 years ago
coffeehb / Spring4Shell
一个Spring4Shell 被动式检测的Burp插件
☆93Updated 3 years ago
Firebasky / ScanShiro
一个批量扫描shiro漏洞的工具,支持AES/CMG
☆79Updated 3 years ago
j5s / FscanX
A Large killer focused on intranet scanning
☆29Updated 4 years ago
r00tSe7en / log4jScan_Modify
对接JNDIMonitor的Burp Suite被动扫描插件
☆26Updated 4 years ago
zer0yu / Open-PoC
PoC for pocsuite3 and nuclei
☆56Updated 3 years ago
tangxiaofeng7 / CVE-2022-22965-Spring-Core-Rce
批量无损检测CVE-2022-22965
☆41Updated 3 years ago
cyal1 / host_scan
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
☆116Updated 3 years ago
kuang-zy / 2023-Weaver-pocs
2023泛微0A漏洞poc检测工具
☆39Updated 2 years ago
cckuailong / YarnRpcRCE
☆83Updated 4 years ago
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Updated 11 months ago
lu2ker / ApiHelper
一款BurpSuite插件，辅助手工测试
☆72Updated 2 years ago
ce-automne / FastjsonPatrol
一款探测fastjson漏洞的BurpSuite插件
☆61Updated 3 years ago
SummerSec / BlogPapers
<a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…
☆54Updated this week
r00tuser111 / SerializationDumper-Shiro
基于SerializationDumper的Shiro Cookie序列化数据解密小工具
☆54Updated 5 years ago
Hackaspx / Hackaspx
《ASPX安全-只有ASPX安全才能拯救.NET》Only ASPX Security Can Save The NET.
☆37Updated 3 years ago
damit5 / backupGen
根据域名生成备份文件字典（不扫描）
☆23Updated 2 years ago
0linlin0 / Java
java
☆54Updated 3 years ago
wuppp / releaseBehinderShell
卸载冰蝎内存马
☆68Updated 4 years ago
A0WaQ4 / BurpCRLFScan
使用java编写的CRLF-Injection-burp被动扫描插件
☆46Updated 3 years ago
Al1ex / Hadoop-Yarn-ResourceManager-RCE
Hadoop Yan ResourceManager unauthorized RCE
☆38Updated 4 years ago
woodpecker-framework / woodpecker-requests
woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
☆72Updated 3 months ago
woodpecker-appstore / springboot-vuldb
☆70Updated 4 years ago