shawnmckinney / remote-code-execution-sample

Related projects: ⓘ

• kiview / damn-vulnerable-spring-boot-app
  Spring-Boot app for demonstrating security vulnaribilities
  ☆13Updated 5 years ago
• Cisco-AMP / java_security
  ☆14Updated 5 years ago
• fergarrui / custom-bytecode-analyzer
  Java bytecode analyzer customizable via JSON rules
  ☆74Updated 6 years ago
• JReFrameworker / JReFrameworker
  A practical tool for bytecode manipulation and creating Managed Code Rootkits (MCRs) in the Java Runtime Environment
  ☆56Updated 4 years ago
• carterjones / javasnoop
  Automatically exported from code.google.com/p/javasnoop
  ☆27Updated 9 years ago
• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆45Updated last year
• righettod / log-requests-to-sqlite
  BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
  ☆61Updated last month
• cschneider4711 / SWAT
  Serial Whitelist Application Trainer
  ☆29Updated 5 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆37Updated last year
• kohsuke / youdebug
  Non-interactive Java debugger with Groovy
  ☆79Updated 5 months ago
• dschadow / CloudSecurity
  Cloud security projects with Spring Cloud Config Server and Vault
  ☆27Updated 2 weeks ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆103Updated 8 years ago
• maaaaz / weblogicpassworddecryptor
  A simple script to decrypt stored passwords from Oracle WebLogic Server configuration files
  ☆30Updated 8 years ago
• bbossola / vulnerability-java-samples
  Sample exploits of common vulnerabilities in Java librarires
  ☆22Updated 9 months ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆23Updated last year
• fbogner / race2rce
  A PoC that shows that Web Vulnerabilities can indeed be interesting
  ☆19Updated 6 years ago
• NashornTools / NnClassLoader
  Java ClassLoader for Nashorn with Maven support. Allows to define any Java dependencies directly in scripts.
  ☆12Updated 4 years ago
• topolik / ois-dos
  Java Deserialization
  ☆26Updated 7 years ago
• augustd / burp-suite-jsonpath
  JSONPath extension for BurpSuite
  ☆29Updated 4 months ago
• pwntester / JVMDeserialization
  PoC for Scala and Groovy
  ☆14Updated 8 years ago
• mdsecresearch / ThriftDecoder
  Apache Thrift Decoder
  ☆31Updated 6 years ago
• mchr3k / org.intrace
  Java tracing agent and live trace client
  ☆73Updated last year
• frohoff / marshalsec
  ☆70Updated 7 years ago
• secdec / pen-test-automation
  A framework for automating penetration testing using a plugin based architecture
  ☆34Updated 2 years ago
• rastating / CVE-2019-0708
  ☆10Updated this week
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• alex91ar / randomstringutils
  Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.
  ☆32Updated 6 years ago
• synacktiv / Exim-CVE-2019-15846
  PoC materials to exploit CVE-2019-15846
  ☆30Updated 4 years ago
• mpgn / CVE-2019-3799
  CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6
  ☆31Updated 5 years ago
• LinkedInAttic / sometime
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Updated 7 years ago