#

deserialization-vulnerability

Here are 13 public repositories matching this topic...

SummerSec / JavaLearnVulnerability

Java漏洞学习笔记 Deserialization Vulnerability

java vulnerability weblogic shiro-security deserialization-vulnerability jackson-databind fastjson-rce commons-collections3 java-refilection commons-collections4 weblogc-security

Updated Sep 1, 2022
HTML

a1phaboy / FastjsonScan

Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

fastjson deserialization-vulnerability scanner-web fastjson-rce

Updated Sep 20, 2022
Go

tweedge / springcore-0day-en

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

java exploit 0day deserialization-vulnerability springcore spring4shell

Updated Apr 5, 2022
Python

GrrrDog / ZeroNights-WebVillage-2017

vulnerable-container deserialization-vulnerability

Updated Nov 20, 2017
Java

j0lt-github / python-deserialization-attack-payload-generator

Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpickle module is used for deserialization of serialized data. I will update it with more attack vectors to targets other modules.

python yaml backdoor hacking deserialization rce cmd pickle msfvenom serial-data deserialization-vulnerability pyyaml deserialization-rce-attack attack-vectors python-driven-applications prick ruamel ruamelyaml pysyck

Updated Mar 25, 2021
Python

hvqzao / java-deserialize-webapp

Vulnerable webapp testbed

java-webapp intentionally-vulnerable deserialization-vulnerability

Updated May 11, 2016
Java

NyaMeeEain / Applications-Security

deserialization penetration-testing jwt-token application-security pentesting pentest blind-sql-injection jwtauth java-deserialization deserialization-vulnerability redteam redteam-infrastructure

Updated May 29, 2021

thomasleplus / jdk-serial-filter-trace

A JBoss Byteman rule to debug the trace the JDK deserialization filtering

java jvm byteman jdk jboss jboss-eap jboss-wildfly deserialization-vulnerability byteman-agent

Updated Sep 3, 2022

klezVirus / deser-py

Sponsor

Python Deserialization Payload Generator

python deserialization pickle deserialization-vulnerability pyyaml jsonpickle

Updated Mar 15, 2020
Python

klezVirus / deser-ruby

Sponsor

Ruby Deserialization Payload Generator

ruby rails yaml binary deserialization rce command-execution deserialization-vulnerability

Updated Mar 8, 2020
Ruby

nth347 / CVE-2020-28032_PoC

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

wordpress security-vulnerability deserialization-vulnerability

Updated Nov 17, 2021
PHP

sum-catnip / maptool-rce

maptool unauthenticated rce exploit <1.8.0 beta2b

exploit rce hessian maptool java-deserialization deserialization-vulnerability

Updated Feb 10, 2021
Python

AreedAhmed / Java-Deserializer

This tool is responsible to perform java deserialization attacks on server end points

java python3 deserialization-vulnerability

Updated Jun 23, 2021
Python

Improve this page

Add a description, image, and links to the deserialization-vulnerability topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the deserialization-vulnerability topic, visit your repo's landing page and select "manage topics."