A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Java web common vulnerabilities and security code which is base on springboot and spring security

一款基于BurpSuite的被动式FastJson检测插件

通过jsp脚本扫描java web Filter/Servlet型内存马

WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).

内存马Demo合集 memshell demo for java / php / python