awesome-repositories.com
Blog
awesome-repositories.com

Discover the best open-source repositories with AI-powered search.

ExploreCurated searchesOpen-source alternativesSelf-hosted softwareBlogSitemap
ProjectAboutHow we rankPressMCP server
LegalPrivacyTerms
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Back to vulhub/java-chains

Open-source alternatives to Java Chains

11 open-source projects similar to vulhub/java-chains, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Java Chains alternative.

  • 0ofo/deswing0

    0ofo/Deswing

    0View on GitHub↗
    View on GitHub↗0
  • 4ra1n/mysql-fake-server4

    4ra1n/mysql-fake-server

    0View on GitHub↗
    View on GitHub↗0
  • ar3h/utf8-overlong-agentA

    Ar3h/utf8-overlong-agent

    0View on GitHub↗
    View on GitHub↗0
  • exp1orer/jndi-inject-exploitE

    exp1orer/JNDI-Inject-Exploit

    0View on GitHub↗
    View on GitHub↗0
  • frohoff/ysoserialfrohoff avatar

    frohoff/ysoserial

    8,750View on GitHub↗

    ysoserial is a security research tool and payload generator designed to identify and exploit insecure Java deserialization. It functions as a framework for creating malicious serialized objects that can trigger remote code execution on Java virtual machines. The project provides a library of known gadget chains, which are sequences of vulnerable class calls that achieve arbitrary command execution during the deserialization process. It automates the generation of these payloads by leveraging common third-party libraries. The tool covers capabilities for security penetration testing, Java app

    Javadeserializationexploitgadget
    View on GitHub↗8,750
  • mbechler/marshalsecmbechler avatar

    mbechler/marshalsec

    3,691View on GitHub↗

    Marshalsec is a toolkit designed for generating malicious serialized Java objects to achieve remote code execution during the unmarshalling process. It functions as a Java deserialization exploit tool and a framework for triggering Java Naming and Directory Interface lookups to remote servers. The project provides a JNDI redirector service that intercepts lookups and points targets toward a remote codebase. It includes utilities for crafting payloads that force Java applications to download and execute arbitrary classes from a remote URL. The toolset covers security analysis activities inclu

    Java
    View on GitHub↗3,691

AI search

Explore more awesome repositories

Describe what you need in plain English — the AI ranks thousands of curated open-source projects by relevance.

Find more with AI search
  • qi4l/jysoqi4L avatar

    qi4L/JYso

    1,752View on GitHub↗

    JNDIExploit or a ysoserial.

    Javaattackgadgetjava
    View on GitHub↗1,752
  • wh1t3p1g/ysomapwh1t3p1g avatar

    wh1t3p1g/ysomap

    1,240View on GitHub↗

    A helpful Java Deserialization exploit framework.

    Javaexploitation-frameworkjava-deserialization
    View on GitHub↗1,240
  • whoopsunix/pppysoW

    Whoopsunix/PPPYSO

    0View on GitHub↗
    View on GitHub↗0
  • y4er/ysoserialY

    Y4er/ysoserial

    0View on GitHub↗
    View on GitHub↗0
  • yaklang/yakityaklang avatar

    yaklang/yakit

    7,386View on GitHub↗

    Yakit is a comprehensive cybersecurity all-in-one platform designed for security assessments. It integrates a suite of core tools including an HTTP interception proxy for real-time traffic modification, an out-of-band interaction detector for verifying remote command execution via TCP, DNSLog, and ICMP, and a reverse shell manager for controlling remote server connections. The platform is distinguished by its dedicated security scripting environment, which allows for the development and execution of custom logic and plugins using a specialized high-performance language. It further extends fun

    TypeScriptblueteamburpsuiteexploit
    View on GitHub↗7,386