yulate / ReflectorMateLinks

idea插件，快速生成反序列化中常用的方法，比如setFieldValue、createTemplatesImpl等

☆28

Alternatives and similar repositories for ReflectorMate

Users that are interested in ReflectorMate are comparing it to the libraries listed below

Sorting:

l3yx / Java-RASP-Research-Env
之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
☆71Updated last year
Le1a / JarLibsConsolidator
一个IDEA插件：一键收集项目中所有jar包依赖的工具插件。遍历项目目录收集所有jar文件，复制到all-in-one文件夹，并自动添加为项目库。
☆49Updated 2 months ago
yulate / tabby-pipeline
用于快速启动tabby 分析漏洞或者gadget的环境
☆89Updated 3 months ago
h3h3qaq / JDK-CodeQLDB-Builder
使用 Docker 一键构建 JDK 源码的 CodeQL 数据库，方便使用 CodeQL 查找 JDK 中的数据。
☆27Updated 5 months ago
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆52Updated 2 years ago
luelueking / CVE-2022-25845-In-Spring
CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
☆99Updated 11 months ago
tabby-sec / tabby-vul-finder
A vul-finder for loading CPG and automated finding vul-call-chains
☆66Updated 3 months ago
cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆134Updated 4 months ago
triplexlove / javasocket
java实现反序列化建立socket连接
☆61Updated 9 months ago
aaaademo / evil-mysql-server
☆24Updated 7 months ago
cwkiller / ClassLinefix
Java bytecode line number restoration tool
☆89Updated last month
h3h3qaq / JavaDecompiler
一个基于 Vineflower 引擎的多线程 Java 批量反编译工具，支持快速处理大量的 class 文件和 JAR 文件。
☆56Updated 5 months ago
ReaJason / No-one
Next Generation Java WebShell Manager
☆53Updated last month
Boogipop / JavaSec
JavaSec
☆40Updated last year
unam4 / java_gadget_flow
一些总结出来的gadget的flow，后续合适和加入新的flow
☆28Updated 10 months ago
ax1sX / RouteCheck-Alpha
A Java Route Collection Tool
☆102Updated last year
luelueking / Java-CVE-Lists
☆19Updated 2 years ago
P0wfuu / rasp-bypass-benchmark
☆12Updated 2 years ago
Whoopsunix / utf-8-overlong-encoding
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆138Updated last year
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆37Updated 11 months ago
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆148Updated 2 years ago
AfterSnows / ApricusFindEvil
检测查杀java内存马
☆116Updated last year
N0el4kLs / JSHunter
JSHunter-一款针对于前端的未授权访问扫描工具
☆72Updated 5 months ago
phith0n / tls_proxy
A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
☆77Updated last year
0range-x / dragon-lab
☆57Updated last year
d0ctorsec / LearnJavaMemshellFromZero-Recurrence
基于W01fh4cker大佬的LearnJavaMemshellFromZero从零掌握java内存马的复现重组版本。
☆90Updated 3 months ago
Y4tacker / HackingFernFlower
2023白帽补天大会部分代码
☆128Updated last year
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆65Updated 3 years ago
pho3n1x-web / HTTPServerGO
这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具，能够执行shell命令,可以执行webshell
☆78Updated 2 years ago
unam4 / fineldapc
某软最新公开gadgegt,新加入不出网利用。
☆80Updated last year