Changelog v0.0.3: + Refactors and included new JRE <= 1.7u21 gadget chain ysoserial is a collection of utilities and property-oriented programming “gadget chains” discovered in…
JBoss-exp deserialize java exploits -JBOSS (including java project generated payload, exploit py script, shodan part of the target host search results) Latest Change 16/12/2015: add…
Disclaimer This tool is for learning and research purposes, not for commercial purposes, if there are any legal disputes therefore, without any relationship with the…
JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server. Requirement: – python 2.7 – urllib3 Features: The tool and exploits were…
Changelog v-2.0: + Added signature for Symantec Endpoint Protection Manager + Added signature for Arecont Vision Mega Pixel Panoramic Camera + login form brute force…
Java Deserialization Exploit is A tool which weaponizes frohoff’s original ysoserial code to gain a remote shell on vulnerable Linux machines. This tool builds upon…
NotSoSerial is a Java Agent designed as a mitigation effort against deserialization attacks. Think of it as a “deserialization firewall”. It gives you complete control…