Vulnerable webapp testbed
-
Updated
May 11, 2016 - Java
Vulnerable webapp testbed
This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deserialization.
Fake MySQL Server for Exploit Vulnerability of MySQL JDBC Driver
Java反序列化/JNDI注入/恶意类生成工具,支持多种高版本bypass,支持回显/内存马等多种扩展利用。
Add a description, image, and links to the deserialization-vulnerability topic page so that developers can more easily learn about it.
To associate your repository with the deserialization-vulnerability topic, visit your repo's landing page and select "manage topics."