-
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
gadget chain attack: is a type of exploit where an attacker uses a series of "gadgets" — small pieces of code that perform a specific function — to execute a larger, more complex attack. By chaining together these gadgets, an attacker can gain control of a target system or perform other malicious actions. You can use ysoserial to create a serialize payload java -jar path/to/ysoserial.jar CommonsCollections4 'whoami'
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.
Related posts
-
anybody got ysoserial to work in kali 2022 running java v17?
-
Java deserialization payloads in log4j (Unified starting point)
-
PoC tool for creating payloads that exploit unsafe Java object deserialization
-
Is Haskell a Good Choice for Software Security?
-
What exactly is the reason for denying reflection access?