JavaSerialKiller

Deserialization Tool

A Burp extension that enables Java Deserialization Attacks using a payload generator tool

Burp extension to perform Java Deserialization Attacks

GitHub

208 stars
21 watching
46 forks
Language: Java
last commit: about 1 year ago

Related projects:

Repository Description Stars
bishopfox/gadgetprobe Tools for analyzing and exploiting vulnerabilities in Java deserialization vulnerabilities 587
ioactive/burpjdser-ng A tool to deserialize Java objects to XML and load classes/jars dynamically. 15
kantega/notsoserial An agent that prevents deserialization attacks by making certain classes unserializable 186
federicodotta/java-deserialization-scanner A plugin for detecting and exploiting vulnerabilities in Java deserialization 775
ikkisoft/serialkiller A Java deserialization library designed to secure applications by inspecting and controlling class loading during object deserialization 408
nccgroup/freddy A tool to detect and exploit deserialization vulnerabilities in Java and .NET applications. 574
directdefense/superserial A Burp Suite Extender to identify Java Deserialization vulnerabilities in client requests and server responses. 9
cschneider4711/swat An agent-based tool to create and manage a whitelist of whitelisted classes for protection against malicious Java deserialization attacks 29
netspi/burp-extensions Provides a central repository for creating and sharing extensions for the Burp Suite web testing tool 149
netspi/awssigner Tool to validate and generate AWS SigV4 signatures in Burp Suite extensions 86
mbechler/serianalyzer Analyzes Java bytecode to identify potential deserialization vulnerabilities. 240
netspi/jsonbeautifier A Java-based tool for improving the readability of JSON data used in Burp Suite 37
artsploit/yaml-payload A utility for generating deserialization payloads in SnakeYAML format to exploit certain security vulnerabilities 570
netspi/wsdler An extension for Burp to parse and analyze SOAP requests from WSDL files 216
kbss-cvut/jb4jsonld A Java library for serializing and deserializing objects to JSON-LD format using annotations. 12