Alternatives and similar repositories for marshalsec:

Users that are interested in marshalsec are comparing it to the libraries listed below

• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆7,965Updated 10 months ago
• welk1n / JNDI-Injection-Exploit
  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）
  ☆2,649Updated last year
• GrrrDog / Java-Deserialization-Cheat-Sheet
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,067Updated last year
• tarunkant / Gopherus
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆2,963Updated last year
• sensepost / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆3,049Updated 4 years ago
• veracode-research / rogue-jndi
  A malicious LDAP server for JNDI injection attacks
  ☆1,028Updated last year
• whwlsfb / Log4j2Scan
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆786Updated last year
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,014Updated 3 years ago
• tangxiaofeng7 / CVE-2021-44228-Apache-Log4j-Rce
  Apache Log4j 远程代码执行
  ☆79Updated last year
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,868Updated 10 months ago
• pwntester / ysoserial.net
  Deserialization payload generator for a variety of .NET formatters
  ☆3,329Updated last month
• joaomatosf / jexboss
  JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
  ☆2,440Updated 5 years ago
• JoyChou93 / java-sec-code
  Java web common vulnerabilities and security code which is base on springboot and spring security
  ☆2,461Updated 2 months ago
• d3vilbug / HackBar
  HackBar plugin for Burpsuite
  ☆1,565Updated 3 years ago
• NickstaDB / SerializationDumper
  A tool to dump Java serialization streams in a more human readable form.
  ☆1,010Updated 8 months ago
• knownsec / pocsuite3
  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  ☆3,687Updated this week
• ambionics / phpggc
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,362Updated 2 months ago
• L-codes / Neo-reGeorg
  Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
  ☆2,979Updated this week
• nomi-sec / PoC-in-GitHub
  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
  ☆6,717Updated this week
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆4,072Updated 3 months ago
• zer0yu / Awesome-CobaltStrike
  List of Awesome CobaltStrike Resources
  ☆4,083Updated last year
• AonCyberLabs / Windows-Exploit-Suggester
  This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…
  ☆4,029Updated last year
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆5,617Updated 6 months ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,385Updated 4 months ago
• Ascotbe / Kernelhub
  Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability detai…
  ☆2,965Updated 2 years ago
• SecWiki / windows-kernel-exploits
  windows-kernel-exploits Windows平台提权漏洞集合
  ☆8,202Updated 3 years ago
• xl7dev / WebShell
  Webshell && Backdoor Collection
  ☆1,866Updated 4 years ago
• mm0r1 / exploits
  Pwn stuff.
  ☆1,769Updated 2 years ago
• Dliv3 / Venom
  Venom - A Multi-hop Proxy for Penetration Testers
  ☆2,047Updated 2 years ago
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,799Updated last year