Ermir is an Evil/Rogue RMI Registry, it exploits unsecure deserialization on any Java code calling standard RMI methods on it …
Zkar – A Java Serialization Protocol Analysis Tool Implement In Go
ZKar is a Java serialization protocol analysis tool implement in Go. This tool is still work in progress, so no …
Mariana Trench – Security Focused Static Analysis Tool For Android And Java Applications
Mariana Trench is a security focused static analysis platform targeting Android. This guide will walk you through setting up Mariana …
JVMXRay – Make Java Security Events Of Interest Visible For Analysis
JVMXRay is a technology for monitoring access to system resources within the Java Virtual Machine. It’s designed with application security …
Confused – Tool To Check For Dependency Confusion Vulnerabilities In Multiple Package Management Systems
A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt, …
RMIScout – Wordlist And Bruteforce Strategies To Enumerate Java RMI Functions And Exploit RMI Parameter Unmarshalling Vulnerabilities
RMIScout performs wordlist and bruteforce attacks against exposed Java RMI interfaces to safely guess method signatures without invocation.On misconfigured servers, …
Threadtear – Multifunctional Java Deobfuscation Tool Suite
Threadtear is a multifunctional deobfuscation tool for java. Suitable for easier code analysis without worrying too much about obfuscation. Even …