Alternatives and similar repositories for GrrrDog-Java-Deserialization-Cheat-Sheet

Users that are interested in GrrrDog-Java-Deserialization-Cheat-Sheet are comparing it to the libraries listed below

• Afant1 / RemoteObjectInvocationHandler
  bypass JEP290 RaspHook code
  ☆62Updated 4 years ago
• fairyming / CVE-2020-8840
  CVE-2020-8840：FasterXML/jackson-databind 远程代码执行漏洞
  ☆36Updated 5 years ago
• EvilPulsar / S2-061
  some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute
  ☆70Updated 4 years ago
• zer0yu / BugBounty
  web fuzzing && bug hunter
  ☆60Updated 3 years ago
• Ramos-dev / R9000
  ☆58Updated 5 years ago
• Al1ex / CVE-2020-36179
  CVE-2020-36179~82 Jackson-databind SSRF&RCE
  ☆81Updated 4 years ago
• jas502n / SpringBoot_Actuator_RCE
  SpringBoot_Actuator_RCE
  ☆96Updated 5 years ago
• Y4er / CVE-2020-14756
  WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar
  ☆81Updated 4 years ago
• ldbfpiaoran / springboot-acl-bypass
  springboot getRequestURI acl bypass
  ☆37Updated 4 years ago
• potats0 / cve_2020_14644
  ☆69Updated 4 years ago
• JulianWu520 / ysoserial-mangguogan
  ☆4Updated 4 years ago
• fa1c0n1 / MyJSPWebshell
  My collection of various of JSP Webshell.
  ☆34Updated 2 years ago
• SecCoder-Security-Lab / spring-cloud-netflix-hystrix-dashboard-cve-2021-22053
  Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053
  ☆37Updated 2 years ago
• tobechenghuai / Shiro_721_Padding_Oracle_RCE
  Shiro_721 exp 纯手工实现Padding Oracle整个过程
  ☆67Updated 5 years ago
• Draven996 / jniwebshell
  ☆42Updated 5 years ago
• jas502n / CVE-2020-26259
  CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process…
  ☆25Updated 4 years ago
• shadowsock5 / ysoserial
  mvn clean package -DskipTests
  ☆46Updated 2 years ago
• b1ngz / spring-boot-actuator-cloud-vul
  Spring Boot Actuator + Spring Cloud Vul Env
  ☆19Updated 5 years ago
• kingkaki / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆102Updated 5 years ago
• UnicodeSec / Blogs
  宽字节安全团队的博客
  ☆31Updated 4 years ago
• iSafeBlue / redis-rce
  Redis RCE 的几种方法
  ☆90Updated last year
• OneSourceCat / BcelPayloadGenerator
  A fastjson payload generator
  ☆57Updated 4 years ago
• threedr3am / fastjson-blacklist
  打CTF实在厌倦了找利用链，就知道一个fastjson的版本，一堆依赖找啊找，头都疼。为了解决这个烦恼，用了卓卓师傅的fastjson黑名单工具和库，自己改造了一下。
  ☆32Updated 5 years ago
• jas502n / xxl-job
  xxl-job RESTful API RCE
  ☆72Updated 3 years ago
• Afant1 / JavaSearchTools
  ☆61Updated 4 years ago
• jas502n / fastjson-1.2.61-RCE
  fastjson-1.2.61-RCE
  ☆33Updated 5 years ago
• Maskhe / CVE-2020-15148-bypasses
  几条关于CVE-2020-15148（yii2反序列化）的绕过
  ☆75Updated 4 years ago
• theLSA / f5-bigip-rce-cve-2020-5902
  F5 BIG-IP RCE CVE-2020-5902 automatic check tool
  ☆62Updated 4 years ago
• Dor-Tumarkin / CVE-2021-25641-Proof-of-Concept
  Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…
  ☆52Updated 4 years ago
• CHYbeta / Vuln100Topics
  知识星球《漏洞百出》最新 20条 Topic
  ☆113Updated 3 years ago