marshalsec

Code exploitation tool

Analyzes and exploits vulnerabilities in Java marshalling libraries to demonstrate potential code execution

3k stars

67 watching

680 forks

Language: Java

last commit: almost 2 years ago

Related projects:

Repository	Description	Stars
grrrdog/java-deserialization-cheat-sheet	A cheat sheet providing guidance on deserialization vulnerabilities in Java applications	3,035
myblackmanba/cve-2021-29505	Reproducing and analyzing the CVE-2021-29505 vulnerability in Java's XStream deserialization process	5
frohoff/ysoserial	Generates payloads to exploit unsafe Java object deserialization vulnerabilities	7,789
mogwailabs/rmi-deserialization	Demonstrating vulnerabilities in Java RMI services	101
marmelab/gremlins.js	A tool that simulates unpredictable user interactions to test an application's robustness and detect potential errors.	9,025
pwntester/ysoserial.net	Generates payloads to exploit unsafe .NET object deserialization.	3,237
uber/nullaway	A tool to help eliminate NullPointerExceptions in Java code with low build-time overhead	3,638
mbechler/serianalyzer	Analyzes Java bytecode to identify potential deserialization vulnerabilities.	241
bishopfox/gadgetprobe	Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities	585
lordnoteworthy/al-khaser	A Proof-of-Concept malware application designed to test anti-malware and sandbox systems.	5,919
joaomatosf/javadeserh2hc	A lab project providing code samples and tools to understand deserialization vulnerabilities in Java applications.	491
droogans/unmaintainable-code	An anti-pattern guide to writing difficult-to-maintain code	9,982
javaparser/javaparser	A Java library that generates an Abstract Syntax Tree from source code and provides advanced analysis functionalities.	5,437
alexandreborges/malwoverview	An automated tool for threat hunting and malware analysis	2,967
mojtabatajik/robber	Tools to detect DLL hijacking vulnerabilities in executable files	765