#java

JNDI-Injection-Exploit
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

BaRMIe
BaRMIe

Enumerating and attacking Java Remote Method Invocation services.

Freddy Deserialization Bug Finder
Freddy Deserialization Bug Finder

A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

Java Deserialization Scanner
Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

GadgetProbe
GadgetProbe

Probe endpoints consuming Java serialized objects for fingerprinting.

ysoserial
ysoserial

Generates payloads that exploit unsafe Java object deserialization.

jSQL Injection
jSQL Injection

Java application for automatic SQL database injection.