SerialKiller
Class loader inspector
A Java deserialization library designed to secure applications by inspecting and controlling class loading during object deserialization
Look-Ahead Java Deserialization Library
405 stars
26 watching
68 forks
Language: Java
last commit: almost 5 years ago deserializationjavasecuritysecurity-hardening
Related projects:
| Repository | Description | Stars |
|---|---|---|
 ioactive/burpjdser-ng | A tool to deserialize Java objects to XML and load classes/jars dynamically. | 15 |
 netspi/javaserialkiller | A Burp extension that enables Java Deserialization Attacks using a payload generator tool | 208 |
 cschneider4711/swat | An agent-based tool to create and manage a whitelist of whitelisted classes for protection against malicious Java deserialization attacks | 29 |
 nccgroup/freddy | A tool to detect and exploit deserialization vulnerabilities in Java and .NET applications. | 573 |
 bishopfox/gadgetprobe | Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities | 585 |
 mbechler/serianalyzer | Analyzes Java bytecode to identify potential deserialization vulnerabilities. | 241 |
 kantega/notsoserial | An agent that prevents deserialization attacks by making certain classes unserializable | 185 |
 scijava/native-lib-loader | Tools to extract and load native libraries from Java archives. | 186 |
 jackofmosttrades/gadgetinspector | Analyzes Java applications for potential deserialization gadget chains to help identify vulnerabilities and prioritize remediation. | 996 |
 kbss-cvut/jb4jsonld | A Java library for serializing and deserializing objects to JSON-LD format using annotations. | 12 |
 jnr/jnr-ffi | A Java library for loading native libraries without writing custom JNI code | 1,257 |
 storyyeller/krakatau | A toolset for analyzing and manipulating Java bytecode | 1,992 |
 federicodotta/java-deserialization-scanner | A plugin for detecting and exploiting vulnerabilities in Java deserialization | 775 |
 directdefense/superserial | A Burp Suite Extender to identify Java Deserialization vulnerabilities in client requests and server responses. | 9 |
 smallrye/jandex | An index-based reflection system for Java classes. | 398 |