Awesome Open Source

Programming Languages

Search results for deserialization gadget

deserialization x

19 search results found

Ysoserial ⭐ 7,002

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Ysoserial.net ⭐ 2,749

Deserialization payload generator for a variety of .NET formatters

Jexboss ⭐ 1,470

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

Ysomap ⭐ 1,045

A helpful Java Deserialization exploit framework.

Remote Method Guesser ⭐ 746

Java RMI Vulnerability Scanner

Gadgetinspector ⭐ 568

A byte code analyzer for finding deserialization gadget chains in Java applications

Serialkillerbypassgadgetcollection ⭐ 283

Collection of bypass gadgets to extend and wrap ysoserial payloads

Exserial ⭐ 65

Java Untrusted Deserialization Exploits Tools

Attackrmi ⭐ 64

Yaml Payload ⭐ 47

A tiny project for generating SnakeYAML deserialization payloads

Grrrdog Java Deserialization Cheat Sheet ⭐ 43

https://github.com/GrrrDog/Java-Deserialization-Ch

Deserialization Filter Blacklists ⭐ 18

Native Java serialization filter blacklist for common gadgets

A static analysis API for finding deserialization attack gadgets

Cve 2018 19276 ⭐ 16

CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE

Place for random PoCs

Jackspoilt ⭐ 7

Contextual Deserialization vulnerability that causes RCE - Remote Code Execution

Cve 2019 17564 Fastjson Gadget ⭐ 7

Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https://www.checkmarx.com/blog/apache-dubbo-unauth

Deserializationexercises ⭐ 6

Safedeserializationhelpers ⭐ 5

👹 Fixes known BinaryFormatter deserialization vulnerabilities

Related Searches

Java Deserialization (259)

Python Gadget (191)

Javascript Gadget (183)

C Sharp Deserialization (134)

1-19 of 19 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.