The cheat sheet about Java Deserialization vulnerabilities
A helpful Java Deserialization exploit framework.
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
翻译 - 探测使用Java序列化对象的端点,以识别远程Java类路径上的类,库和库版本。
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
翻译 - RMIScout使用单词列表和蛮力策略来枚举Java RMI函数并利用RMI参数解组漏洞
#博客#xmind\code\articles for my personal blog 个人博客上的资源备份存储,也是个人分享的汇总
Compiled dataset of Java deserialization CVEs
Library for manually creating Java serialization data.
Java deserialization tool for creating encrypted and HMAC protected payloads.
maptool unauthenticated rce exploit <1.8.0 beta2b