JavaVulnSummaryDecember 2, 2021 · View on GitHub用来练习Java代码审计的集合。 分析文章代码地址由JDK7u21反序列化漏洞引起的对TemplatesImpl的深入学习https://github.com/R17a-17/JavaVulnSummary/tree/main/ysoserial/src/main/java/com/r17a/ysoserial/jdk7u21关于JDK7u21 Gadgets两个问题的探讨https://github.com/R17a-17/JavaVulnSummary/tree/main/ysoserial/src/main/java/com/r17a/ysoserial/jdk7u21WebLogic CVE-2021-2135分析及POC构造遇到的问题https://github.com/R17a-17/JavaVulnSummary/blob/main/weblogic/src/main/java/com/r17a/weblogic/cve/CVE_2021_2135.java反序列化入口PriorityQueue分析及相关Gadget总结https://github.com/R17a-17/JavaVulnSummary/blob/main/weblogic/src/main/java/com/r17a/weblogic/https://github.com/R17a-17/JavaVulnSummary/tree/main/ysoserial/src/main/java/com/r17a/ysoserial/Java反序列化和集合之间的渊源https://github.com/R17a-17/JavaVulnSummary/tree/main/ysoserial/src/main/java/com/r17a/ysoserial/Jenkins Nested View插件XXE漏洞(CVE-2021-21680)分析Java XXE漏洞实验及总结https://github.com/R17a-17/JavaVulnSummary/tree/main/owasp/src/main/java/com/r17a/commonvuln/securitymissconfig/xxeJenkins Code Coverage API 插件漏洞分https://github.com/R17a-17/JavaVulnSummary/blob/main/jenkins/src/main/java/com/r17a/jenkins/CVE_2021_21677.javaJava命令执行总结https://github.com/R17a-17/JavaVulnSummary/tree/main/owasp/src/main/java/com/r17a/commonvuln/injection/commandJava文件操作类漏洞总结https://github.com/R17a-17/JavaVulnSummary/tree/main/owasp/src/main/java/com/r17a/commonvuln/fileJava SSRF漏洞总结https://github.com/R17a-17/JavaVulnSummary/blob/main/owasp/src/main/java/com/r17a/commonvuln/ssrf/Ssrf.java[URL跳转和重定向](https://r17a-17.github.io/2021/09/21/Java URL跳转总结/)Java SecurityManager学习https://github.com/R17a-17/JavaVulnSummary/tree/main/owasp/src/main/java/com/r17a/commonvuln/securitymissconfig/securitymanager一文读懂OGNL漏洞Java表达式注入https://github.com/R17a-17/JavaVulnSummary/tree/main/owasp/src/main/java/com/r17a/commonvuln/injection/expression