Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 7 Java Exploit Projects
-
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
AndroRAT
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
-
JNDI-Injection-Exploit-Plus
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
-
JNDIExploit
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。 (by 0x727)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Project mention: anybody got ysoserial to work in kali 2022 running java v17? | /r/oscp | 2023-06-24
I'm not horribly familiar with how the whole "AI" thing works, but I'd imagine you'd have to have a dataset trained on the ARM9 architecture for it to work. You might be better off starting blind with NTRGhidra and just poking around to see how it works.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Java Exploit related posts
- anybody got ysoserial to work in kali 2022 running java v17?
- JNDI-Injection-Exploit-Plus tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
- GitHub - cckuailong/JNDI-Injection-Exploit-Plus: 80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
- Java deserialization payloads in log4j (Unified starting point)
- PoC tool for creating payloads that exploit unsafe Java object deserialization
- Is Java as safe as we believe?
- Is Haskell a Good Choice for Software Security?
-
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024
Index
What are some of the best open-source Exploit projects in Java? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | ysoserial | 7,291 |
| 2 | AndroRAT | 2,680 |
| 3 | CVE-2021-44228-PoC-log4j-bypass-words | 924 |
| 4 | JNDI-Injection-Exploit-Plus | 579 |
| 5 | NXLoader | 513 |
| 6 | JNDIExploit | 211 |
| 7 | NTRGhidra | 150 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com