Repository navigation

#

deserialization-vulnerability

vulhub / java-chains 

vulhub Vulnerability Reproduction Designated Platform

deserialization-vulnerabilityvulnerabilityjavasecurityredteamJavapayloadjndi-injectionvulhub
Dockerfile
1448
15 天前
a1phaboy / FastjsonScan 

Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

deserialization-vulnerabilityfastjsonfastjson-rcescanner-web
Go
1017
3 年前
SummerSec / JavaLearnVulnerability 

Java漏洞学习笔记 Deserialization Vulnerability

deserialization-vulnerabilityJavavulnerabilityjackson-databindfastjson-rceweblogicshiro-security
HTML
931
2 年前
j0lt-github / python-deserialization-attack-payload-generator 

Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpickle module is used for deserialization of serialized data. I will update it with more attack vectors to targets other modules.

deserializationrceHackingbackdoormsfvenomcmddeserialization-vulnerabilityYAMLPython
Python
112
1 年前
tweedge / springcore-0day-en 

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

spring4shellspringcoreJavadeserialization-vulnerabilityExploit0day
Python
107
3 年前
H4cking2theGate / ysogate 

Java反序列化/JNDI注入/恶意类生成工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。

bypassdeserialization-vulnerabilityJavaldappayload-generatorrmiysoserial
Java
98
2 个月前
GrrrDog / ZeroNights-WebVillage-2017 

deserialization-vulnerability
Java
70
7 年前
GhostTroops / AiCSA 

GPT AiCSA(Code security audit),SAST(Static Application Security Testing,静态应用程序安全测试),JAR security analysis, static vulnerability and vulnerability analysis of various programming language codes

人工智能ChatGPTgpt-4deserialization-vulnerabilitysast
JavaScript
60
1 年前
hvqzao / java-deserialize-webapp 

Vulnerable webapp testbed

deserialization-vulnerability
Java
21
9 年前
NyaMeeEain / Applications-Security 

redteamredteam-infrastructureapplication-securitypenetration-testingpentestpentestingdeserializationdeserialization-vulnerabilityJSON Web Tokensjava-deserialization
17
2 年前
hktalent / AiCSA_pub 

AiCSA,Move to https://github.com/hktalent/AiCSA

人工智能ChatGPTdeserialization-vulnerabilitygpt-4
Shell
10
2 年前
thomasleplus / jdk-serial-filter-trace 

A JBoss Byteman rule to debug the trace the JDK deserialization filtering

Javadeserialization-vulnerabilityjbossjboss-wildfly
5
12 天前
klezVirus / deser-py 

Python Deserialization Payload Generator

deserialization-vulnerabilitydeserializationPython
Python
4
5 年前
nth347 / CVE-2020-28032_PoC 

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

WordPress安全deserialization-vulnerability
PHP
4
3 年前
klezVirus / deser-ruby 

Ruby Deserialization Payload Generator

deserializationdeserialization-vulnerabilityRubyrcebinaryYAMLRails
Ruby
4
5 年前
sum-catnip / maptool-rce 

maptool unauthenticated rce exploit <1.8.0 beta2b

Exploitdeserialization-vulnerabilityrcehessianjava-deserialization
Python
1
4 年前
dub-flow / java-gadget-chain 

This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deserialization.

deserialization-vulnerabilityJava
Java
1
3 年前
malectricasoftware / balsamic 

Insecure deserialization library

deserialization-librarydeserialization-vulnerabilityPython安全serialization
Python
1
1 年前
trganda / fmysql 

Fake MySQL Server for Exploit Vulnerability of MySQL JDBC Driver

deserialization-vulnerabilityjdbcMySQL
Java
0
2 年前
AreedAhmed / Java-Deserializer 

This tool is responsible to perform java deserialization attacks on server end points

Javadeserialization-vulnerabilityPython
Python
0
2 年前