Alternatives and similar repositories for marshalsec:

Users that are interested in marshalsec are comparing it to the libraries listed below

• welk1n / JNDI-Injection-Exploit
  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）
  ☆2,615Updated last year
• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆7,852Updated 8 months ago
• GrrrDog / Java-Deserialization-Cheat-Sheet
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,044Updated last year
• veracode-research / rogue-jndi
  A malicious LDAP server for JNDI injection attacks
  ☆1,017Updated last year
• tarunkant / Gopherus
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆2,905Updated last year
• knownsec / pocsuite3
  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  ☆3,665Updated 3 weeks ago
• sensepost / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆3,036Updated 4 years ago
• joaomatosf / jexboss
  JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
  ☆2,429Updated 4 years ago
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆1,005Updated 3 years ago
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,818Updated 7 months ago
• JoyChou93 / java-sec-code
  Java web common vulnerabilities and security code which is base on springboot and spring security
  ☆2,426Updated 2 weeks ago
• whwlsfb / Log4j2Scan
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆776Updated last year
• L-codes / Neo-reGeorg
  Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
  ☆2,925Updated 2 months ago
• d3vilbug / HackBar
  HackBar plugin for Burpsuite
  ☆1,549Updated 3 years ago
• tangxiaofeng7 / CVE-2021-44228-Apache-Log4j-Rce
  Apache Log4j 远程代码执行
  ☆75Updated last year
• Ascotbe / Kernelhub
  Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability detai…
  ☆2,945Updated last year
• xl7dev / WebShell
  Webshell && Backdoor Collection
  ☆1,839Updated 4 years ago
• NickstaDB / SerializationDumper
  A tool to dump Java serialization streams in a more human readable form.
  ☆996Updated 5 months ago
• enjoiz / XXEinjector
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,553Updated 2 weeks ago
• cdk-team / CDK
  📦 Make security testing of K8s, Docker, and Containerd easier.
  ☆3,971Updated last month
• pwntester / ysoserial.net
  Deserialization payload generator for a variety of .NET formatters
  ☆3,257Updated 2 weeks ago
• projectdiscovery / interactsh
  An OOB interaction gathering server and client library
  ☆3,487Updated this week
• ambionics / phpggc
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,271Updated 3 weeks ago
• lijiejie / ds_store_exp
  A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
  ☆1,549Updated last year
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆3,028Updated 6 months ago
• qazbnm456 / awesome-cve-poc
  ✍️ A curated list of CVE PoCs.
  ☆3,337Updated 2 years ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,362Updated 2 months ago
• threedr3am / learnjavabug
  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
  ☆2,609Updated 9 months ago
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,701Updated 10 months ago