Java-Deserialization-Scanner
Deserialization scanner
A plugin for detecting and exploiting vulnerabilities in Java deserialization
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
775 stars
34 watching
177 forks
Language: Java
last commit: about 3 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 bishopfox/gadgetprobe | Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities | 585 |
 directdefense/superserial | A Burp Suite Extender to identify Java Deserialization vulnerabilities in client requests and server responses. | 9 |
 netspi/javaserialkiller | A Burp extension that enables Java Deserialization Attacks using a payload generator tool | 208 |
 nccgroup/freddy | A tool to detect and exploit deserialization vulnerabilities in Java and .NET applications. | 573 |
 kantega/notsoserial | An agent that prevents deserialization attacks by making certain classes unserializable | 185 |
 jackofmosttrades/gadgetinspector | Analyzes Java applications for potential deserialization gadget chains to help identify vulnerabilities and prioritize remediation. | 996 |
 cschneider4711/swat | An agent-based tool to create and manage a whitelist of whitelisted classes for protection against malicious Java deserialization attacks | 29 |
 joaomatosf/javadeserh2hc | A lab project providing code samples and tools to understand deserialization vulnerabilities in Java applications. | 491 |
| directdefense/superserial-active | An active Java deserialization vulnerability identifier and exploiter | 7 |
 vulnerscom/burp-dirbuster | A plugin designed to facilitate the use of Dirbuster in Burp Suite for discovering potential vulnerabilities. | 70 |
 ioactive/burpjdser-ng | A tool to deserialize Java objects to XML and load classes/jars dynamically. | 15 |
 the-login/dns-analyzer | A tool to analyze DNS vulnerabilities in web applications and identify potential security risks. | 94 |
 myblackmanba/cve-2021-29505 | Reproducing and analyzing the CVE-2021-29505 vulnerability in Java's XStream deserialization process | 5 |
 mogwailabs/rmi-deserialization | Demonstrating vulnerabilities in Java RMI services | 101 |
 f6jo/routevulscan | An extensible burp suite plugin for scanning vulnerable paths in web applications | 1,152 |