joaomatosf/jexboss

Features

• Java Deserialization Exploits - Provides a framework to deliver specialized Java deserialization payloads to achieve remote code execution.
• Vulnerability Scanners - Identifies vulnerable Java services across network ranges and ports to automate target discovery.
• Active Vulnerability Scanning - Performs intrusive network probing across IP ranges and ports to identify services susceptible to deserialization exploits.
• Deserialization Vulnerability Testing - Simulates remote code execution attacks to verify if applications properly secure their data deserialization processes.
• Exploit Frameworks - Functions as a modular platform for scanning and exploiting Java deserialization vulnerabilities.
• Serialized Payload Execution - Triggers unauthorized command execution by sending serialized data objects to target servers.
• Network Vulnerability Scanning - Identifies vulnerable services across specified network ranges and ports to automate target discovery.
• Remote Command Execution Tools - Ships a suite of utilities for delivering payloads and executing system commands on vulnerable applications.
• Reverse Shells - Establishes a persistent network connection from the compromised target back to a listener for remote terminal access.
• Remote Command Execution - Executes system-level instructions on a target host immediately following a successful vulnerability exploit.
• Payload Injection Techniques - Implements techniques to inject exploit strings into network parameters and admin endpoints to bypass security filters.
• Post-Exploitation Frameworks - Provides automation for managing remote access and updating software on compromised systems.
• Middleware Exploitation - Verification and exploitation tool for JBoss and Java deserialization.
• Security Tools - Verification and exploitation tool for Java deserialization vulnerabilities

Star history