├── .gitignore ├── LICENSE ├── README.md ├── pom.xml └── src └── main └── java ├── burp ├── BurpExtender.java ├── ButtonTabComponent.java ├── ChildTab.java ├── IBurpExtender.java ├── IBurpExtenderCallbacks.java ├── IContextMenuFactory.java ├── IContextMenuInvocation.java ├── ICookie.java ├── IExtensionHelpers.java ├── IExtensionStateListener.java ├── IHttpListener.java ├── IHttpRequestResponse.java ├── IHttpRequestResponsePersisted.java ├── IHttpRequestResponseWithMarkers.java ├── IHttpService.java ├── IInterceptedProxyMessage.java ├── IIntruderAttack.java ├── IIntruderPayloadGenerator.java ├── IIntruderPayloadGeneratorFactory.java ├── IIntruderPayloadProcessor.java ├── IMenuItemHandler.java ├── IMessageEditor.java ├── IMessageEditorController.java ├── IMessageEditorTab.java ├── IMessageEditorTabFactory.java ├── IParameter.java ├── IProxyListener.java ├── IRequestInfo.java ├── IResponseInfo.java ├── IScanIssue.java ├── IScanQueueItem.java ├── IScannerCheck.java ├── IScannerInsertionPoint.java ├── IScannerInsertionPointProvider.java ├── IScannerListener.java ├── IScopeChangeListener.java ├── ISessionHandlingAction.java ├── ITab.java ├── ITempFile.java ├── ITextEditor.java ├── JavaSerialKiller.java ├── JavaSerialKillerTab.java ├── Menu.java └── Utilities.java └── ysoserial ├── Deserializer.java ├── GeneratePayload.java ├── Serializer.java ├── payloads ├── BeanShell1.java ├── CommonsBeanutilsCollectionsLogging1.java ├── CommonsCollections1.java ├── CommonsCollections2.java ├── CommonsCollections3.java ├── CommonsCollections4.java ├── Groovy1.java ├── Jdk7u21.java ├── ObjectPayload.java ├── Spring1.java ├── annotation │ └── Dependencies.java └── util │ ├── ClassFiles.java │ ├── Gadgets.java │ ├── PayloadRunner.java │ └── Reflections.java └── secmgr ├── DelegateSecurityManager.java ├── ExecCheckingSecurityManager.java └── ThreadLocalSecurityManager.java /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/README.md -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/pom.xml -------------------------------------------------------------------------------- /src/main/java/burp/BurpExtender.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/BurpExtender.java -------------------------------------------------------------------------------- /src/main/java/burp/ButtonTabComponent.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ButtonTabComponent.java -------------------------------------------------------------------------------- /src/main/java/burp/ChildTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ChildTab.java -------------------------------------------------------------------------------- /src/main/java/burp/IBurpExtender.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IBurpExtender.java -------------------------------------------------------------------------------- /src/main/java/burp/IBurpExtenderCallbacks.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IBurpExtenderCallbacks.java -------------------------------------------------------------------------------- /src/main/java/burp/IContextMenuFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IContextMenuFactory.java -------------------------------------------------------------------------------- /src/main/java/burp/IContextMenuInvocation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IContextMenuInvocation.java -------------------------------------------------------------------------------- /src/main/java/burp/ICookie.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ICookie.java -------------------------------------------------------------------------------- /src/main/java/burp/IExtensionHelpers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IExtensionHelpers.java -------------------------------------------------------------------------------- /src/main/java/burp/IExtensionStateListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IExtensionStateListener.java -------------------------------------------------------------------------------- /src/main/java/burp/IHttpListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IHttpListener.java -------------------------------------------------------------------------------- /src/main/java/burp/IHttpRequestResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IHttpRequestResponse.java -------------------------------------------------------------------------------- /src/main/java/burp/IHttpRequestResponsePersisted.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IHttpRequestResponsePersisted.java -------------------------------------------------------------------------------- /src/main/java/burp/IHttpRequestResponseWithMarkers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IHttpRequestResponseWithMarkers.java -------------------------------------------------------------------------------- /src/main/java/burp/IHttpService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IHttpService.java -------------------------------------------------------------------------------- /src/main/java/burp/IInterceptedProxyMessage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IInterceptedProxyMessage.java -------------------------------------------------------------------------------- /src/main/java/burp/IIntruderAttack.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IIntruderAttack.java -------------------------------------------------------------------------------- /src/main/java/burp/IIntruderPayloadGenerator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IIntruderPayloadGenerator.java -------------------------------------------------------------------------------- /src/main/java/burp/IIntruderPayloadGeneratorFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IIntruderPayloadGeneratorFactory.java -------------------------------------------------------------------------------- /src/main/java/burp/IIntruderPayloadProcessor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IIntruderPayloadProcessor.java -------------------------------------------------------------------------------- /src/main/java/burp/IMenuItemHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IMenuItemHandler.java -------------------------------------------------------------------------------- /src/main/java/burp/IMessageEditor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IMessageEditor.java -------------------------------------------------------------------------------- /src/main/java/burp/IMessageEditorController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IMessageEditorController.java -------------------------------------------------------------------------------- /src/main/java/burp/IMessageEditorTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IMessageEditorTab.java -------------------------------------------------------------------------------- /src/main/java/burp/IMessageEditorTabFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IMessageEditorTabFactory.java -------------------------------------------------------------------------------- /src/main/java/burp/IParameter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IParameter.java -------------------------------------------------------------------------------- /src/main/java/burp/IProxyListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IProxyListener.java -------------------------------------------------------------------------------- /src/main/java/burp/IRequestInfo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IRequestInfo.java -------------------------------------------------------------------------------- /src/main/java/burp/IResponseInfo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IResponseInfo.java -------------------------------------------------------------------------------- /src/main/java/burp/IScanIssue.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScanIssue.java -------------------------------------------------------------------------------- /src/main/java/burp/IScanQueueItem.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScanQueueItem.java -------------------------------------------------------------------------------- /src/main/java/burp/IScannerCheck.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScannerCheck.java -------------------------------------------------------------------------------- /src/main/java/burp/IScannerInsertionPoint.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScannerInsertionPoint.java -------------------------------------------------------------------------------- /src/main/java/burp/IScannerInsertionPointProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScannerInsertionPointProvider.java -------------------------------------------------------------------------------- /src/main/java/burp/IScannerListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScannerListener.java -------------------------------------------------------------------------------- /src/main/java/burp/IScopeChangeListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/IScopeChangeListener.java -------------------------------------------------------------------------------- /src/main/java/burp/ISessionHandlingAction.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ISessionHandlingAction.java -------------------------------------------------------------------------------- /src/main/java/burp/ITab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ITab.java -------------------------------------------------------------------------------- /src/main/java/burp/ITempFile.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ITempFile.java -------------------------------------------------------------------------------- /src/main/java/burp/ITextEditor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/ITextEditor.java -------------------------------------------------------------------------------- /src/main/java/burp/JavaSerialKiller.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/JavaSerialKiller.java -------------------------------------------------------------------------------- /src/main/java/burp/JavaSerialKillerTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/JavaSerialKillerTab.java -------------------------------------------------------------------------------- /src/main/java/burp/Menu.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/Menu.java -------------------------------------------------------------------------------- /src/main/java/burp/Utilities.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/burp/Utilities.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/Deserializer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/Deserializer.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/GeneratePayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/GeneratePayload.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/Serializer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/Serializer.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/BeanShell1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/BeanShell1.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/CommonsBeanutilsCollectionsLogging1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/CommonsBeanutilsCollectionsLogging1.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/CommonsCollections1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/CommonsCollections1.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/CommonsCollections2.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/CommonsCollections2.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/CommonsCollections3.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/CommonsCollections3.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/CommonsCollections4.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/CommonsCollections4.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/Groovy1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/Groovy1.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/Jdk7u21.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/Jdk7u21.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/ObjectPayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/ObjectPayload.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/Spring1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/Spring1.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/annotation/Dependencies.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/annotation/Dependencies.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/util/ClassFiles.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/util/ClassFiles.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/util/Gadgets.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/util/Gadgets.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/util/PayloadRunner.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/util/PayloadRunner.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/payloads/util/Reflections.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/payloads/util/Reflections.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/secmgr/DelegateSecurityManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/secmgr/DelegateSecurityManager.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/secmgr/ExecCheckingSecurityManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/secmgr/ExecCheckingSecurityManager.java -------------------------------------------------------------------------------- /src/main/java/ysoserial/secmgr/ThreadLocalSecurityManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/JavaSerialKiller/HEAD/src/main/java/ysoserial/secmgr/ThreadLocalSecurityManager.java --------------------------------------------------------------------------------