GitHub

OWASP Benchmark for Java

The OWASP Benchmark Project is a Java test suite designed to verify the speed and accuracy of vulnerability detection tools. It is a fully runnable open source web application that can be analyzed by ...
GitHub

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Originally released as part of AppSecCali 2015 Talk "Marshalling Pickles: how deserializing objects will ruin your day" with gadget chains for Apache Commons Collections (3.x and 4.x), Spring ...