JavaDeserH2HC
Deserialization vulnerability lab
A lab project providing code samples and tools to understand deserialization vulnerabilities in Java applications.
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
491 stars
23 watching
117 forks
Language: Java
last commit: over 2 years ago deserializationjavajavadeserjbossjvmlabpocreverse-shellvulnerability
Related projects:
| Repository | Description | Stars |
|---|---|---|
 bishopfox/gadgetprobe | Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities | 585 |
 mogwailabs/rmi-deserialization | Demonstrating vulnerabilities in Java RMI services | 101 |
 them4hd1/jcs | Automated tool to identify vulnerabilities in Joomla components and generate reports | 60 |
 myblackmanba/cve-2021-29505 | Reproducing and analyzing the CVE-2021-29505 vulnerability in Java's XStream deserialization process | 5 |
 nccgroup/freddy | A tool to detect and exploit deserialization vulnerabilities in Java and .NET applications. | 573 |
 directdefense/superserial | A Burp Suite Extender to identify Java Deserialization vulnerabilities in client requests and server responses. | 9 |
 federicodotta/java-deserialization-scanner | A plugin for detecting and exploiting vulnerabilities in Java deserialization | 775 |
 jackofmosttrades/gadgetinspector | Analyzes Java applications for potential deserialization gadget chains to help identify vulnerabilities and prioritize remediation. | 996 |
 jas502n/jackson-cve-2020-8840 | A project that details and demonstrates the impact of a remote code execution vulnerability in a popular Java library used for JSON data binding. | 73 |
 kbss-cvut/jb4jsonld | A Java library for serializing and deserializing objects to JSON-LD format using annotations. | 12 |
 mihir-shah99/vulndroid | An Android app designed to demonstrate common web application vulnerabilities and provide training in secure coding practices. | 10 |
 mpgn/cve-2019-0192 | A proof of concept project demonstrating a remote code execution vulnerability in Apache Solr via deserialization of untrusted data | 209 |
 incredibleindishell/cors-vulnerable-lab | A lab environment simulating common CORS misconfiguration issues in web applications. | 189 |
| incredibleindishell/ssrf_vulnerable_lab | A laboratory repository demonstrating vulnerable PHP code examples for Server-Side Request Forgery (SSRF) attacks | 670 |
 jaiswalakshansh/vuldroid | An Android application showcasing various security vulnerabilities to demonstrate potential attack vectors | 63 |