shawnmckinney / remote-code-execution-sampleLinks
Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
☆25Updated last year
Alternatives and similar repositories for remote-code-execution-sample
Users that are interested in remote-code-execution-sample are comparing it to the libraries listed below
Sorting:
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆108Updated 9 years ago
- Identify vulnerable libraries in Maven dependencies☆46Updated 2 years ago
- Java bytecode analyzer customizable via JSON rules☆72Updated 7 years ago
- ☆14Updated 6 years ago
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆190Updated 9 years ago
- Serial Whitelist Application Trainer☆29Updated 6 years ago
- Non-interactive Java debugger with Groovy☆80Updated last year
- coverage guided fuzz testing for java☆228Updated 4 years ago
- A tiny Java agent that blocks attacks against unsafe deserialization☆86Updated 8 years ago
- A JVM agent that automatically forces a proxy for HTTP(S) connections and trusts MitM certificates, for all major JVM HTTP clients☆86Updated 7 months ago
- Spring-Boot app for demonstrating security vulnaribilities☆13Updated 6 years ago
- Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.☆160Updated 8 months ago
- A practical tool for bytecode manipulation and creating Managed Code Rootkits (MCRs) in the Java Runtime Environment☆58Updated 5 years ago
- Cloud security projects with Spring Cloud Config Server and Vault☆29Updated this week
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Updated 7 years ago
- Java web and command line applications demonstrating various security topics☆238Updated this week
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- Automatically exported from code.google.com/p/javasnoop☆27Updated 10 years ago
- A simple script to decrypt stored passwords from Oracle WebLogic Server configuration files☆30Updated 9 years ago
- ☆75Updated 8 years ago
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Updated 7 years ago
- The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment wher…☆87Updated 3 years ago
- A PoC that shows that Web Vulnerabilities can indeed be interesting☆20Updated 7 years ago
- Java bytecode analysis/deobfuscation tool☆195Updated 7 years ago
- Apache Thrift Decoder☆34Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆12Updated 9 years ago
- BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.☆66Updated 5 months ago
- Declarative syntax for defining sets of URLs. No need for error-prone regexs.☆21Updated 6 years ago
- Proof of concept exploit for CVE-2017-3599☆22Updated 8 years ago
- ☆19Updated 9 years ago