deserialization-vulnerability

Vulhub Vulnerability Reproduction Designated Platform

Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

Java漏洞学习笔记 Deserialization Vulnerability

Java反序列化/JNDI注入/恶意类生成工具，支持多种高版本bypass，支持回显/内存马等多种扩展利用。

Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpickle module is used for deserialization of serialized data. I wil...

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

#大语言模型#GPT AiCSA(Code security audit)，SAST（Static Application Security Testing，静态应用程序安全测试），JAR security analysis, static vulnerability and vulnerability analysis of various programming language codes

Vulnerable webapp testbed

#大语言模型#AiCSA，Move to https://github.com/hktalent/AiCSA

A JBoss Byteman rule to debug the trace the JDK deserialization filtering

Python Deserialization Payload Generator

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

Ruby Deserialization Payload Generator

maptool unauthenticated rce exploit <1.8.0 beta2b

This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deseri...

Insecure deserialization library

Fake MySQL Server for Exploit Vulnerability of MySQL JDBC Driver

This tool is responsible to perform java deserialization attacks on server end points