Java反序列化/JNDI注入/恶意类生成工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。
-
Updated
Jan 5, 2025 - Java
#
deserialization-vulnerability
Here are 5 public repositories matching this topic...
-
Updated
Nov 20, 2017 - Java
Vulnerable webapp testbed
-
Updated
May 11, 2016 - Java
This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deserialization.
-
Updated
Aug 8, 2022 - Java
Fake MySQL Server for Exploit Vulnerability of MySQL JDBC Driver
-
Updated
Jun 9, 2023 - Java
Improve this page
Add a description, image, and links to the deserialization-vulnerability topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the deserialization-vulnerability topic, visit your repo's landing page and select "manage topics."