marshalsec
Code exploitation tool
Analyzes and exploits vulnerabilities in Java marshalling libraries to demonstrate potential code execution
3k stars
67 watching
683 forks
Language: Java
last commit: about 2 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 grrrdog/java-deserialization-cheat-sheet | A cheat sheet providing guidance on deserialization vulnerabilities in Java applications | 3,044 |
 myblackmanba/cve-2021-29505 | Reproducing and analyzing the CVE-2021-29505 vulnerability in Java's XStream deserialization process | 5 |
 frohoff/ysoserial | Generates payloads to exploit unsafe Java object deserialization vulnerabilities | 7,857 |
 mogwailabs/rmi-deserialization | Demonstrating vulnerabilities in Java RMI services | 101 |
 marmelab/gremlins.js | A tool that simulates unpredictable user interactions to test an application's robustness and detect potential errors. | 9,036 |
 pwntester/ysoserial.net | Generates payloads to exploit unsafe .NET object deserialization. | 3,260 |
 uber/nullaway | A tool to help eliminate NullPointerExceptions in Java code with low build-time overhead | 3,645 |
| mbechler/serianalyzer | Analyzes Java bytecode to identify potential deserialization vulnerabilities. | 240 |
 bishopfox/gadgetprobe | Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities | 587 |
 joaomatosf/javadeserh2hc | A lab project providing code samples and tools to understand deserialization vulnerabilities in Java applications. | 497 |
 droogans/unmaintainable-code | An anti-pattern guide to writing difficult-to-maintain code | 9,992 |
 javaparser/javaparser | A Java library that generates an Abstract Syntax Tree from source code and provides advanced analysis functionalities. | 5,479 |
 alexandreborges/malwoverview | A tool for analyzing malware and threat intelligence data from multiple sources | 3,012 |
 mojtabatajik/robber | Tools to detect DLL hijacking vulnerabilities in executable files | 767 |