mogwailabs / deserialization-filter-blacklists

Related projects ⓘ

Alternatives and complementary repositories for deserialization-filter-blacklists

• samsbp / java-file-ftp
  POC for leaking java version through file and ftp protocols
  ☆24Updated 4 years ago
• LoRexxar / log_dependency_checklist
  Dependencies with Log4j2 Checklist
  ☆35Updated 2 years ago
• jas502n / CVE-2019-2890
  CVE-2019-2890 WebLogic 反序列化RCE漏洞
  ☆41Updated 4 years ago
• RayScri / A8-OA-seeyon-RCE
  A Zhiyuan OA Collaborative Office Remote Code Execution Vulnerability on Windows
  ☆36Updated 5 years ago
• codeplutos / Conference
  ☆28Updated 5 years ago
• Ch1ngg / OtherAntSwordAESEncoder
  蚁剑其他脚本AES编/解码器
  ☆36Updated 5 years ago
• Dor-Tumarkin / CVE-2019-17564-FastJson-Gadget
  Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information …
  ☆15Updated last year
• jas502n / fastjson-1.2.61-RCE
  fastjson-1.2.61-RCE
  ☆33Updated 5 years ago
• gorgiaxx / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆20Updated 6 years ago
• OneSourceCat / BcelPayloadGenerator
  A fastjson payload generator
  ☆56Updated 4 years ago
• aboutbo / tools
  ☆19Updated 3 years ago
• b1ngz / spring-boot-actuator-cloud-vul
  Spring Boot Actuator + Spring Cloud Vul Env
  ☆19Updated 4 years ago
• keven1z / XXEDemo
  收集了java XXE漏洞的demo及修复方式
  ☆19Updated 7 months ago
• Lucifaer / head_first_javarasp
  一些Java RASP demo
  ☆11Updated 5 years ago
• lsh4ck / Langzi_SRC_Safe_Cruise
  LANGZI_SRC_安全巡航 是一款集成漏扫，验证，资产监控，自动复现并且生成结果表报的工具，实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。
  ☆14Updated 5 years ago
• Hpd0ger / InFoCollecter
  针对域名/页面的接口爬取，递归模式入库
  ☆21Updated 5 years ago
• MagicZer0 / Weblogic_CVE-2020-2883_POC
  Proof of concept for Weblogic CVE-2020-2883
  ☆14Updated 4 years ago
• jas502n / fastjson-1.2.60-rce
  autoType enable
  ☆36Updated 5 years ago
• genxor / Deserialize
  ☆69Updated 5 years ago
• Dor-Tumarkin / CVE-2021-25641-Proof-of-Concept
  Apache/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Diffe…
  ☆52Updated 3 years ago
• Ruil1n / helm-tiller-pwn
  ☆16Updated 3 years ago
• jas502n / CVE-2020-26259
  CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process…
  ☆25Updated 3 years ago
• fairyming / CVE-2020-9548
  CVE-2020-9548：FasterXML/jackson-databind 远程代码执行漏洞
  ☆23Updated 4 years ago
• Slzdude / GodzillaSource
  Godzilla v1.0 source code
  ☆38Updated 4 years ago
• Maskhe / CVE-2020-15148-bypasses
  几条关于CVE-2020-15148（yii2反序列化）的绕过
  ☆76Updated 4 years ago
• EvilPulsar / S2-061
  some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute
  ☆69Updated 3 years ago