waderwu/javaDeserializeLabs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

waderwu/javaDeserializeLabs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/waderwu/javaDeserializeLabs)

Close

waderwu / javaDeserializeLabsView on GitHubMore

• External links
• Readme badge

javaDeserializeLabs

☆70Apr 18, 2023Updated 2 years ago

Alternatives and similar repositories for javaDeserializeLabs

Users that are interested in javaDeserializeLabs are comparing it to the libraries listed below

• flowerwind / AutoGenerateXalanPayload

  View on GitHub
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆93Jan 17, 2023Updated 3 years ago
• wupco / PHP_INCLUDE_TO_SHELL_CHAR_DICT

  View on GitHub
  ☆349Jan 24, 2023Updated 3 years ago
• Whoopsunix / utf-8-overlong-encoding

  View on GitHub
  抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
  ☆139Mar 11, 2024Updated last year
• tabby-sec / tabby

  View on GitHub
  A CAT called tabby ( Code Analysis Tool )
  ☆1,637Jan 17, 2026Updated last month
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆243May 8, 2024Updated last year
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 4 years ago
• tabby-sec / tabby-path-finder

  View on GitHub
  A neo4j procedure for tabby
  ☆137May 17, 2025Updated 9 months ago
• Y4tacker / JavaSec

  View on GitHub
  a rep for documenting my study, may be from 0 to 0.1
  ☆2,248Nov 10, 2025Updated 3 months ago
• Firebasky / ctf-Challenge

  View on GitHub
  是一些比赛中的好题，加上自己出的一些。。。
  ☆43Jul 10, 2022Updated 3 years ago
• ceclin / 0ctf-2021-finals-soln-buggy-loader

  View on GitHub
  solution to buggyLoader of 0CTF/TCTF 2021 Finals
  ☆20Sep 27, 2021Updated 4 years ago
• waderwu / extractor-java

  View on GitHub
  CodeQL extractor for java, which don't need to compile java source
  ☆348Nov 25, 2022Updated 3 years ago
• bfengj / CTF

  View on GitHub
  关于我在CTF中的所有东西
  ☆422Sep 22, 2025Updated 5 months ago
• datouo / CTF-Java-Gadget

  View on GitHub
  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
  ☆276Dec 13, 2024Updated last year
• waderwu / My-CTF-Challenges

  View on GitHub
  Collection of CTF Web challenges I made
  ☆53Apr 25, 2023Updated 2 years ago
• wh1t3p1g / ysomap

  View on GitHub
  A helpful Java Deserialization exploit framework.
  ☆1,240Feb 17, 2025Updated last year
• kyo-w / Spel-research

  View on GitHub
  Spel-research
  ☆26Jun 21, 2022Updated 3 years ago
• phith0n / zkar

  View on GitHub
  ZKar is a Java serialization protocol analysis tool implement in Go.
  ☆647Feb 15, 2025Updated last year
• whocansee / FilelessAgentMemShell

  View on GitHub
  无需文件落地Agent内存马生成器
  ☆249May 30, 2024Updated last year
• X1r0z / JNDIMap

  View on GitHub
  A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…
  ☆569Feb 4, 2026Updated 3 weeks ago
• YZloser / My-CTF-Challenges

  View on GitHub
  My-CTF-Challenges
  ☆15Sep 27, 2021Updated 4 years ago
• Firebasky / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆13Sep 18, 2022Updated 3 years ago
• artsploit / yaml-payload

  View on GitHub
  A tiny project for generating SnakeYAML deserialization payloads
  ☆629Oct 14, 2025Updated 4 months ago
• bluE0a / java-memshell-scanner

  View on GitHub
  添加Connector内存马与ws内存马检测逻辑
  ☆16Oct 9, 2022Updated 3 years ago
• cwkiller / Java-Puzzle

  View on GitHub
  一个专注于 Java Web 特性、配置和 Trick 的安全谜题集合
  ☆117Dec 24, 2025Updated 2 months ago
• BeichenDream / GodzillaMemoryShellProject

  View on GitHub
  ☆306Feb 27, 2025Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,151Aug 21, 2025Updated 6 months ago
• Firebasky / Java

  View on GitHub
  关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
  ☆792Jul 11, 2023Updated 2 years ago
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆437May 22, 2025Updated 9 months ago
• Y4Sec-Team / CVE-2023-21939

  View on GitHub
  JDK CVE-2023-21939
  ☆94Aug 26, 2023Updated 2 years ago
• c0ny1 / java-object-searcher

  View on GitHub
  java内存对象搜索辅助工具
  ☆823Sep 23, 2022Updated 3 years ago
• lz2y / DubboPOC

  View on GitHub
  Apache Dubbo漏洞测试Demo及其POC
  ☆65Mar 27, 2023Updated 2 years ago
• mdsecresearch / NSAMeetingWithProxyShell

  View on GitHub
  ☆19Sep 15, 2021Updated 4 years ago
• fnmsd / MySQL_Fake_Server

  View on GitHub
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,360Nov 18, 2021Updated 4 years ago
• yzddmr6 / Java-Js-Engine-Payloads

  View on GitHub
  Java Js Engine Payloads All in one
  ☆289Aug 21, 2023Updated 2 years ago
• threedr3am / ZhouYu

  View on GitHub
  （周瑜）Java - SpringBoot 持久化 WebShell（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）
  ☆615Dec 29, 2021Updated 4 years ago
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆506May 20, 2022Updated 3 years ago
• safe6Sec / CodeqlNote

  View on GitHub
  Codeql学习笔记
  ☆900Apr 25, 2022Updated 3 years ago
• EddieIvan01 / pker

  View on GitHub
  Automatically converts Python source code to Pickle opcode
  ☆160Jan 2, 2025Updated last year
• for-A1kaid / CodeAudit

  View on GitHub
  记录一些代码审计过的源码
  ☆182Feb 26, 2025Updated last year