A python script to merge multiple jar files for easier debugging via JD-Eclipse
☆62Jan 13, 2023Updated 3 years ago
Alternatives and similar repositories for jarjarbigs
Users that are interested in jarjarbigs are comparing it to the libraries listed below
Sorting:
- a Ruby implementation of Java's ObjectInputStream and ObjectOutputStream.☆16May 28, 2022Updated 3 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆73Nov 27, 2013Updated 12 years ago
- ☆15Oct 25, 2021Updated 4 years ago
- ☆16Jul 20, 2020Updated 5 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆649Feb 21, 2024Updated 2 years ago
- ☆12Aug 1, 2022Updated 3 years ago
- Finding Java gadget chains with CodeQL☆185Jan 14, 2025Updated last year
- Dockerfile for AFL++ and helpful other tools☆21May 5, 2020Updated 5 years ago
- Dependencies with Log4j2 Checklist☆35Dec 14, 2021Updated 4 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆447Sep 7, 2022Updated 3 years ago
- DoS PoC's for SAP products☆51Jan 23, 2018Updated 8 years ago
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- ☆12Nov 16, 2020Updated 5 years ago
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆46Dec 22, 2023Updated 2 years ago
- Webshell plugin that works on any Atlassian product employing their plugin framework☆27Nov 20, 2017Updated 8 years ago
- Java RMI enumeration and attack tool.☆743Sep 28, 2017Updated 8 years ago
- JMX enumeration and attacking tool.☆493Jun 26, 2025Updated 8 months ago
- ☆13Aug 25, 2021Updated 4 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆13Oct 16, 2018Updated 7 years ago
- Docker for CentOS Weblogic with domain☆12Jun 22, 2017Updated 8 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆48Jun 13, 2023Updated 2 years ago
- tetctf2020_amf_writeups☆23Jan 3, 2021Updated 5 years ago
- POC for leaking java version through file and ftp protocols☆24Nov 1, 2020Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- Burp extension to allow you to highlight Repeater tabs.☆10Jun 14, 2021Updated 4 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- CVE-2024-0044☆12Aug 24, 2024Updated last year
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- Jira Information Gatherer☆29Dec 3, 2017Updated 8 years ago
- Java After-Deserialization Attack☆79Apr 26, 2021Updated 4 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- ☆13Jun 13, 2017Updated 8 years ago
- 使用JS监听获取dz密码☆12Sep 5, 2017Updated 8 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Jan 9, 2018Updated 8 years ago
- Pythonize Intruder Payload☆13Dec 15, 2020Updated 5 years ago
- ☆14May 17, 2018Updated 7 years ago
- ☆31Nov 1, 2022Updated 3 years ago