notsoserial
Deserialization shield
An agent that prevents deserialization attacks by making certain classes unserializable
Java Agent which mitigates deserialisation attacks by making certain classes unserializable
185 stars
24 watching
33 forks
Language: Java
last commit: over 8 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 netspi/javaserialkiller | A Burp extension that enables Java Deserialization Attacks using a payload generator tool | 208 |
 cschneider4711/swat | An agent-based tool to create and manage a whitelist of whitelisted classes for protection against malicious Java deserialization attacks | 29 |
 federicodotta/java-deserialization-scanner | A plugin for detecting and exploiting vulnerabilities in Java deserialization | 775 |
 directdefense/superserial | A Burp Suite Extender to identify Java Deserialization vulnerabilities in client requests and server responses. | 9 |
 nccgroup/freddy | A tool to detect and exploit deserialization vulnerabilities in Java and .NET applications. | 573 |
 ikkisoft/serialkiller | A Java deserialization library designed to secure applications by inspecting and controlling class loading during object deserialization | 405 |
 bishopfox/gadgetprobe | Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities | 585 |
| directdefense/superserial-active | An active Java deserialization vulnerability identifier and exploiter | 7 |
 ioactive/burpjdser-ng | A tool to deserialize Java objects to XML and load classes/jars dynamically. | 15 |
 kbss-cvut/jb4jsonld | A Java library for serializing and deserializing objects to JSON-LD format using annotations. | 12 |
 kungia09/bangcle | Protects Android apps from malicious activities by hardening and encrypting them using dynamic loading of encrypted dex files. | 389 |
 joaomatosf/javadeserh2hc | A lab project providing code samples and tools to understand deserialization vulnerabilities in Java applications. | 491 |
 frohoff/owaspsd-deserialize-my-shorts | A presentation and discussion on the security risks of deserialization in Java object graphs. | 5 |
 notsosecure/serializedpayloadgenerator | A tool to generate deserialization payloads for exploiting vulnerabilities in various frameworks | 101 |
 artsploit/yaml-payload | A utility for generating deserialization payloads in SnakeYAML format to exploit certain security vulnerabilities | 563 |