A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
Updated
Mar 31, 2024 - Java
#
vulnerability
Here are 80 public repositories matching this topic...
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
rce vulnerability springboot springcloud springboot-actuator-rce spring-boot-vulnerability spring-vulnerability spring-actuator-vulnerability
-
Updated
Mar 10, 2021 - Java
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
-
Updated
Dec 16, 2023 - Java
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
-
Updated
Jan 15, 2024 - Java
Jar Analyzer - 一个 JAR 包 GUI 分析工具,方法调用关系搜索,方法调用链 DFS 算法分析,模拟 JVM 的污点分析验证 DFS 结果,字符串搜索,Java Web 组件入口分析,CFG 程序分析,JVM 栈帧分析,自定义表达式搜索。官方文档:https://docs.qq.com/doc/DV3pKbG9GS0pJS0tk
bytecode static-analysis java-decompiler jar java-bytecode vulnerability program-analysis java-gui java-security web-vulnerability java-debugger java-asm java-vulnerability
-
Updated
Oct 19, 2025 - Java
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
security vulnerability cloud-native compliance cloud-custodian compliance-as-code prowler sbom kubernetes-security trivy k8s-security cspm cloud-native-security
-
Updated
Dec 26, 2024 - Java
纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY 的利用
-
Updated
Sep 18, 2023 - Java
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
-
Updated
Apr 14, 2021 - Java
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
-
Updated
Mar 11, 2022 - Java
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
javascript css java spring-boot owasp vulnerability appsec hacktoberfest owasp-zap burpsuite vulnerable-application vulnerability-scanning payload-testing learn-security test-vulnerability-scanning-tools practice-hacking
-
Updated
Sep 10, 2025 - Java
Joint Advanced Defect assEsment for android applications
-
Updated
Apr 12, 2017 - Java
JFrog IntelliJ IDEA plugin
golang npm gradle maven intellij-plugin vulnerability intellij-idea jfrog jfrog-xray jfrog-idea-plugin
-
Updated
Oct 29, 2025 - Java
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
java security protection log4j rce vulnerability hardening defense log4j2 security-tools rasp cve-2021-44228
-
Updated
Dec 11, 2021 - Java
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
-
Updated
Dec 17, 2023 - Java
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
java security hacking challenges penetration-testing rce sql-injection vulnerability application-security ctf capture-the-flag client-server vulnerable appsec vulnerable-application ctf-challenges remote-code-execution vulnapp vulnerable-app thick-client
-
Updated
Sep 9, 2023 - Java
Delvelin is a Code Vulnerability Analyzer for Java and Kotlin that supports best practices in security and risk management.
kotlin vulnerability vulnerability-detection vulnerability-scanners security-tools sast whitebox-testing kotlin-test vulnerabilityscanner java-kotlin-vulnerability-scanner java-kotlin-vulnerability-detection
-
Updated
Apr 22, 2025 - Java
Java Object Deserialization on Android
-
Updated
Apr 11, 2019 - Java
ReARM - Supply Chain Security and Asset Management for Releases, SBOMs, xBOMs, Security Artifacts
security supply-chain release vulnerability release-automation release-management software-supply-chain security-tools supply-chain-management release-engineering sbom cyclonedx supply-chain-visibility sbom-distribution software-supply-chain-security sbom-tool hardware-supplychain software-transparency cyclonedx-sbom
-
Updated
Nov 4, 2025 - Java
CVE-2022-41852 Proof of Concept (unofficial)
security proof-of-concept hacking penetration-testing rce vulnerability pentesting cve remote-code-execution cve-2022-41852 jxpath
-
Updated
Oct 20, 2022 - Java
Improve this page
Add a description, image, and links to the vulnerability topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the vulnerability topic, visit your repo's landing page and select "manage topics."