waderwu / javaDeserializeLabsLinks

javaDeserializeLabs

☆69

Alternatives and similar repositories for javaDeserializeLabs

Users that are interested in javaDeserializeLabs are comparing it to the libraries listed below

Sorting:

luelueking / Deserial_Sink_With_JDBC
Some ReadObject Sink With JDBC
☆240Updated last year
tabby-sec / tabby-path-finder
A neo4j procedure for tabby
☆133Updated 4 months ago
kyo-w / router-router
Java web路由内存分析工具
☆436Updated 4 months ago
Firebasky / ctf-Challenge
是一些比赛中的好题，加上自己出的一些。。。
☆43Updated 3 years ago
yzddmr6 / Java-Js-Engine-Payloads
Java Js Engine Payloads All in one
☆279Updated 2 years ago
datouo / CTF-Java-Gadget
CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
☆261Updated 9 months ago
woodpecker-appstore / jexpr-encoder-utils
Java表达式语句生成器
☆193Updated last year
Y4tacker / HackingFernFlower
2023白帽补天大会部分代码
☆128Updated last year
ttonys / CodeQLAnalyseJar
CodeQL分析闭源Jar包脚本，基于Apache Ant构建CodeQL数据库
☆39Updated 3 years ago
Macr0phag3 / dibber
用于自动搜索 Python 沙箱逃逸、SSTI 攻击链的小工具
☆36Updated 8 months ago
Drun1baby / CTF-Repo-2023
2023 各大 CTF 的比赛附件
☆49Updated 2 years ago
l3yx / jdwp-codeifier
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
☆311Updated 9 months ago
kezibei / Urldns
☆337Updated last year
Fushuling / TaintScaner
一款基于污点分析的PHP扫描工具，能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径，同时支持单独对函数的扫描。
☆147Updated 5 months ago
tabby-sec / tabby-vul-finder
A vul-finder for loading CPG and automated finding vul-call-chains
☆63Updated 2 months ago
rzte / agentcrack
不那么一样的 Java Agent 内存马
☆286Updated last year
p4d0rn / Java_Zoo
☆27Updated 8 months ago
su18 / JDBC-Attack
JDBC Connection URL Attack
☆430Updated 4 years ago
phith0n / vueinfo
Extract website information from Vue
☆282Updated 2 years ago
ice-doom / CodeQLRule
个人使用CodeQL编写的一些规则
☆176Updated 3 years ago
baiyecha404 / CTFWEBchallenge
Collections of CTF-WEB-challs mainly for review purpose.
☆30Updated 2 years ago
luelueking / CVE-2022-25845-In-Spring
CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
☆99Updated 10 months ago
yaklang / syntaxflow
Lessons for syntaxflow zero to hero
☆52Updated last year
TheKingOfDuck / SinkFinder
闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数
☆473Updated 3 months ago
kezibei / fastjson_payload
☆228Updated 4 months ago
WAY29 / geek-2020-challenges
☆20Updated 4 years ago
wa1ki0g / NoAuth
java-web 自动化鉴权绕过
☆353Updated 6 months ago
Whoopsunix / PPPYSO
proof-of-concept for generating Java deserialization payload | Proxy MemShell
☆207Updated last year
yuanhaiGreg / Fuzz-Dict
一些常见字典
☆171Updated 4 years ago
su18 / hack-fastjson-1.2.80
☆516Updated 3 years ago