A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
Updated
Mar 31, 2024 - Java
#
vulnerability
Here are 63 public repositories matching this topic...
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
rce
vulnerability
springboot
springcloud
springboot-actuator-rce
spring-boot-vulnerability
spring-vulnerability
spring-actuator-vulnerability
-
Updated
Mar 10, 2021 - Java
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
-
Updated
Dec 16, 2023 - Java
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
-
Updated
Jan 15, 2024 - Java
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
security
vulnerability
cloud-native
compliance
cloud-custodian
compliance-as-code
prowler
sbom
kubernetes-security
trivy
k8s-security
cspm
cloud-native-security
-
Updated
Mar 13, 2024 - Java
Jar Analyzer - 一个JAR包分析工具,SCA漏洞分析,批量分析JAR包,方法调用关系搜索,字符串搜索,Spring组件分析,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码
bytecode
static-analysis
java-decompiler
jar
java-bytecode
vulnerability
program-analysis
java-gui
java-debugger
java-asm
-
Updated
Jul 26, 2024 - Java
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
-
Updated
Apr 14, 2021 - Java
MySQL Fake Server (纯Java实现,支持GUI版和命令行版,提供Dockerfile,支持多种常见JDBC利用)
-
Updated
Sep 18, 2023 - Java
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
-
Updated
Mar 11, 2022 - Java
Joint Advanced Defect assEsment for android applications
-
Updated
Apr 12, 2017 - Java
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
javascript
css
java
spring-boot
owasp
vulnerability
appsec
hacktoberfest
owasp-zap
burpsuite
vulnerable-application
vulnerability-scanning
payload-testing
learn-security
test-vulnerability-scanning-tools
practice-hacking
-
Updated
Jul 23, 2024 - Java
JFrog IntelliJ IDEA plugin
golang
npm
gradle
maven
intellij-plugin
vulnerability
intellij-idea
jfrog
jfrog-xray
jfrog-idea-plugin
-
Updated
Jul 4, 2024 - Java
一���针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
java
security
protection
log4j
rce
vulnerability
hardening
defense
log4j2
security-tools
rasp
cve-2021-44228
-
Updated
Dec 11, 2021 - Java
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
java
security
hacking
challenges
penetration-testing
rce
sql-injection
vulnerability
application-security
ctf
capture-the-flag
client-server
vulnerable
appsec
vulnerable-application
ctf-challenges
remote-code-execution
vulnapp
vulnerable-app
thick-client
-
Updated
Sep 9, 2023 - Java
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
-
Updated
Dec 17, 2023 - Java
Java Object Deserialization on Android
-
Updated
Apr 11, 2019 - Java
CVE-2022-41852 Proof of Concept (unofficial)
security
proof-of-concept
hacking
penetration-testing
rce
vulnerability
pentesting
cve
remote-code-execution
cve-2022-41852
jxpath
-
Updated
Oct 20, 2022 - Java
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
-
Updated
Apr 11, 2023 - Java
Simple PoC for demonstrating Race Conditions on Websockets
-
Updated
Sep 14, 2023 - Java
Improve this page
Add a description, image, and links to the vulnerability topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the vulnerability topic, visit your repo's landing page and select "manage topics."