1 repositorio
Study of how libraries can be chained together to trigger unintended behavior on target systems.
Distinct from Remote Code Execution Mitigations: Distinct from mitigations or hardware execution: focuses on the research of chaining software libraries for RCE.
Explore 1 awesome GitHub repository matching security & cryptography · Remote Code Execution Research. Refine with filters or upvote what's useful.
ysoserial is a security research tool and payload generator designed to identify and exploit insecure Java deserialization. It functions as a framework for creating malicious serialized objects that can trigger remote code execution on Java virtual machines. The project provides a library of known gadget chains, which are sequences of vulnerable class calls that achieve arbitrary command execution during the deserialization process. It automates the generation of these payloads by leveraging common third-party libraries. The tool covers capabilities for security penetration testing, Java app
Studies how common Java libraries can be chained together to trigger unintended behavior on a target system.