mogwailabs / deserialization-filter-blacklistsLinks
Native Java serialization filter blacklist for common gadgets
☆20Updated 5 years ago
Alternatives and similar repositories for deserialization-filter-blacklists
Users that are interested in deserialization-filter-blacklists are comparing it to the libraries listed below
Sorting:
- POC for leaking java version through file and ftp protocols☆24Updated 4 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Updated 5 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Updated 5 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Updated 5 years ago
- ☆58Updated 5 years ago
- ☆28Updated 5 years ago
- kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609☆89Updated 5 years ago
- CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC☆86Updated 2 years ago
- Plugin For BurpSuite (Pentester)☆36Updated 2 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆74Updated 5 years ago
- Some debug notes and exploit(not blind)☆40Updated 6 years ago
- Dependencies with Log4j2 Checklist☆35Updated 3 years ago
- A fastjson payload generator☆58Updated 4 years ago
- ☆12Updated 8 years ago
- Jira未授权SSRF漏洞☆31Updated 5 years ago
- fastjson-1.2.61-RCE☆33Updated 5 years ago
- autoType enable☆36Updated 5 years ago
- 针对域名/页面的接口爬取,递归模式入库☆22Updated 5 years ago
- 几条关于CVE-2020-15148(yii2反序列化)的绕过☆75Updated 4 years ago
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet☆51Updated 3 years ago
- Weblogic RCE with IIOP☆80Updated 5 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Updated 6 years ago
- 一些Java RASP demo☆11Updated 5 years ago
- Java 反序列化学习的实验代码 Java_deserialize_vuln_lab☆87Updated 6 years ago
- Java After-Deserialization Attack☆79Updated 4 years ago
- Papers☆34Updated 5 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Updated 5 years ago
- source code of XCTF 2019 Final web task "tfboys"☆29Updated 2 years ago
- bugbounty tools☆18Updated last year
- ☆18Updated 7 years ago