mogwailabs/deserialization-filter-blacklists external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mogwailabs/deserialization-filter-blacklists

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mogwailabs/deserialization-filter-blacklists)

Close

mogwailabs / deserialization-filter-blacklistsView on GitHubMore

• External links
• Readme badge

Native Java serialization filter blacklist for common gadgets

☆20Sep 12, 2019Updated 6 years ago

Alternatives and similar repositories for deserialization-filter-blacklists

Users that are interested in deserialization-filter-blacklists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mogwailabs / rmi-deserialization

  View on GitHub
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Sep 20, 2019Updated 6 years ago
• Bort-Millipede / WLT3Serial

  View on GitHub
  Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
  ☆35Mar 2, 2020Updated 6 years ago
• mishmashclone / GrrrDog-Java-Deserialization-Cheat-Sheet

  View on GitHub
  https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
  ☆54Sep 11, 2021Updated 4 years ago
• codeplutos / MySQL-JDBC-Deserialization-Payload

  View on GitHub
  MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload
  ☆13Feb 8, 2020Updated 6 years ago
• LeadroyaL / java_xxe_2019

  View on GitHub
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆58Oct 31, 2019Updated 6 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Ramos-dev / R9000

  View on GitHub
  ☆57Apr 27, 2020Updated 5 years ago
• Ruil1n / after-deserialization-attack

  View on GitHub
  Java After-Deserialization Attack
  ☆79Apr 26, 2021Updated 4 years ago
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• Slzdude / GodzillaSource

  View on GitHub
  Godzilla v1.0 source code
  ☆38Aug 26, 2020Updated 5 years ago
• pentestingforfunandprofit / webbank

  View on GitHub
  ☆10Jan 22, 2016Updated 10 years ago
• langligelang / maobugs

  View on GitHub
  java 漏洞平台包含各种CVE
  ☆23Jun 17, 2022Updated 3 years ago
• doyensec / ajpfuzzer

  View on GitHub
  A command-line fuzzer for the Apache JServ Protocol (ajp13)
  ☆97Nov 15, 2022Updated 3 years ago
• threedr3am / FindClassInJars

  View on GitHub
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Mar 25, 2020Updated 6 years ago
• voidfyoo / rwctf-2021-old-system

  View on GitHub
  ☆78Jan 12, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• veracode-research / actuator-testbed

  View on GitHub
  A vulnerable application exposing Spring Boot Actuators
  ☆123Feb 25, 2019Updated 7 years ago
• r3dxpl0it / Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021

  View on GitHub
  CVE-2018-8021 Proof-Of-Concept and Exploit
  ☆106Dec 3, 2018Updated 7 years ago
• paul-axe / ctf

  View on GitHub
  CTF stuff
  ☆40Dec 5, 2022Updated 3 years ago
• any-how / Getinfo_phpinfo

  View on GitHub
  提取phpinfo()敏感信息
  ☆11Nov 23, 2018Updated 7 years ago
• d2iq-archive / kubernetes-security-benchmark

  View on GitHub
  A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources
  ☆28Jan 31, 2020Updated 6 years ago
• waderwu / attackRmi

  View on GitHub
  attackRmi
  ☆258Oct 14, 2020Updated 5 years ago
• timwhitez / PyC2-demo

  View on GitHub
  从入门到放弃的产物，学习过程中用python实现的一个单点c2基本功能
  ☆11Mar 11, 2020Updated 6 years ago
• lightless233 / geye

  View on GitHub
  🚀Faster Github Monitor🚀
  ☆104Jan 7, 2023Updated 3 years ago
• Lucifaer / head_first_javarasp

  View on GitHub
  一些Java RASP demo
  ☆11Sep 26, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• airman604 / jdbc-backdoor

  View on GitHub
  A fake JDBC driver that allows OS command execution.
  ☆125Oct 2, 2022Updated 3 years ago
• hengyunabc / dubbo-apache-commons-collections-bug

  View on GitHub
  演示dubbo rpc Apache commons collections 的Java序列化漏洞
  ☆42Nov 13, 2015Updated 10 years ago
• iiiusky / java_rasp_example

  View on GitHub
  ☆28Jul 18, 2020Updated 5 years ago
• 0Kee-Team / JavaProbe

  View on GitHub
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Apr 26, 2021Updated 4 years ago
• irsl / jackson-rce-via-spel

  View on GitHub
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆124Jan 9, 2018Updated 8 years ago
• secure-software-engineering / SPDS-experiments

  View on GitHub
  ☆11Oct 10, 2018Updated 7 years ago
• Barro / java-afl

  View on GitHub
  Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
  ☆91May 3, 2018Updated 7 years ago
• feihong-cs / jre8u20_gadget

  View on GitHub
  jre8u20 gadget
  ☆34May 23, 2021Updated 4 years ago
• mufeedvh / CVE-2019-8449

  View on GitHub
  CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
  ☆69Feb 3, 2020Updated 6 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Ant-FG-Lab / non_RCE

  View on GitHub
  ☆41Mar 10, 2021Updated 5 years ago
• swissiety / JimpleLSP

  View on GitHub
  This is an implementation of the Language Server Protocol for Jimple. It enables your IDE to provide code exploring features while workin…
  ☆12Dec 15, 2023Updated 2 years ago
• havysec / vulnerable-scene

  View on GitHub
  一些漏洞场景的还原，基于https://www.exploit-db.com/
  ☆37Feb 7, 2018Updated 8 years ago
• mogwailabs / mjet

  View on GitHub
  MOGWAI LABS JMX exploitation toolkit
  ☆205Mar 13, 2023Updated 3 years ago
• kantega / notsoserial

  View on GitHub
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆191May 17, 2016Updated 9 years ago
• proudwind / struts2_vulns

  View on GitHub
  Struts2 vuln env
  ☆43Dec 6, 2022Updated 3 years ago
• Contrast-Security-OSS / joogle

  View on GitHub
  A static analysis API for finding deserialization attack gadgets
  ☆38Nov 7, 2022Updated 3 years ago