pacemrc / VulDebugLinks

Java漏洞调试分析集合

☆90

Alternatives and similar repositories for VulDebug

Users that are interested in VulDebug are comparing it to the libraries listed below

Sorting:

freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆60Updated 3 years ago
cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆123Updated 2 months ago
ax1sX / MemShell
MemShell List
☆84Updated 2 years ago
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆41Updated 3 years ago
Ar3h / utf8-overlong-agent
使用 agent 实现反序列化 utf8 overlong
☆80Updated last year
yulate / tabby-pipeline
用于快速启动tabby 分析漏洞或者gadget的环境
☆86Updated last month
l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆71Updated 10 months ago
Lotus6 / FileMonitor
Java命令行文件监控小工具(代码审计)
☆103Updated 3 years ago
luelueking / Fake_Kafka_Server
☆80Updated 9 months ago
unam4 / fineldapc
某软最新公开gadgegt,新加入不出网利用。
☆75Updated 11 months ago
kyo-w / Spel-research
Spel-research
☆26Updated 3 years ago
Le1a / CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
☆82Updated 2 years ago
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆143Updated last year
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆52Updated last year
abc123info / ysoserial_JDK1.5
分享ABC_123自己改造的ysoserial工具，java反序列化漏洞利用，生成的java反序列化利用链支持jdk1.5版本的老旧系统的利用。
☆56Updated 5 months ago
ax1sX / SpringSecurity
A list for Spring Security
☆125Updated last year
xiaopan233 / GenerateNoHard
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Updated 5 months ago
byname66 / SerializeJava
用Go+Fyne开发的，展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。
☆114Updated 7 months ago
yuligesec / watchvuln
一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
☆31Updated 10 months ago
AfterSnows / ApricusFindEvil
检测查杀java内存马
☆83Updated last year
YYHYlh / Dubbo-Scan
一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
☆169Updated 2 years ago
webraybtl / ysoserialbtl
基于ysoserial扩展命令执行结果回显，生成冰蝎内存马
☆91Updated 2 years ago
turn1tup / JvmRaspBypass
☆14Updated 2 years ago
zangcc / Java_Risky_Functions
Java 代码审计-存在风险的函数汇总。方便我们日常代码审计过程中快速定位漏洞点，配合静态代码分析工具做到事半功倍。Java code audit - summary of risky functions. It is convenient for us to quickl…
☆31Updated last year
qi4L / Ysoserial-go
A Go library for generating Java deserialization payloads.
☆155Updated 11 months ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆62Updated 2 years ago
ssssdl / fastjsonChecker
burp手工检测fastjson辅助
☆86Updated last year
howmp / wget
可能是windows最小的wget (862字节)
☆70Updated 8 months ago
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆37Updated 9 months ago