| 2016-11-24 | java Deserialization Cheat Sheet | BaCde | 2187 | |
| 2016-11-16 | jSQL Injection v0.77 - Java application for automatic SQL database injection | vicker | 5106 | |
| 2016-11-15 | Pwning Your Java Messaging With Deserialization Vulnerabilities[PDF] | BaCde | 2073 | |
| 2016-11-05 | Java反序列化工具 — Java Deserialization Exp Tools | ourren | 5247 | |
| 2016-10-28 | Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622 | BlackCastle | 5766 | |
| 2016-10-23 | Exploit generation and JavaScript analysis automation with WinDBG | ourren | 3775 | |
| 2016-10-18 | Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Days | ourren | 3727 | |
| 2016-10-03 | jSQL Injection: a Java application for automatic SQL database injection | ourren | 2394 | |
| 2016-08-14 | 无回显命令执行PoC编写方法(Apache Shiro Java反序列化) | re4lity | 3604 | |
| 2016-08-13 | httphijack: 使用Javascript实现前端防御http劫持及防御XSS攻击 | ourren | 2491 | |
