Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
☆210Mar 9, 2023Updated 3 years ago
Alternatives and similar repositories for json-interop-vuln-labs
Users that are interested in json-interop-vuln-labs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Prototype Pollution and useful Script Gadgets☆1,634Jan 27, 2024Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆980Dec 31, 2021Updated 4 years ago
- A vulnerable application exposing Spring Boot Actuators☆123Feb 25, 2019Updated 7 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆661Feb 21, 2024Updated 2 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆94Sep 18, 2021Updated 4 years ago
- A Burp extension to show the Collaborator client in a tab☆24Dec 23, 2022Updated 3 years ago
- ☆1,201Sep 2, 2022Updated 3 years ago
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆30Mar 2, 2022Updated 4 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,177May 26, 2023Updated 3 years ago
- Client Side Prototype Pollution Scanner☆529Sep 17, 2022Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆347Nov 20, 2022Updated 3 years ago
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆304May 22, 2023Updated 3 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆111Jan 30, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications☆63Jan 29, 2021Updated 5 years ago
- A cheatsheet for exploiting server-side SVG processors.☆802Jul 2, 2020Updated 5 years ago
- Java RMI Vulnerability Scanner☆921Jul 3, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,507Oct 12, 2024Updated last year
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)☆849Feb 9, 2024Updated 2 years ago
- ☆246Jun 23, 2026Updated last week
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆26Jun 18, 2025Updated last year
- JMX enumeration and attacking tool.☆505Jun 26, 2025Updated last year
- ☆148Feb 17, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆661Feb 1, 2025Updated last year
- Content-Type Research☆668Jun 29, 2025Updated last year
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆608May 17, 2019Updated 7 years ago
- jws2pubkey tool☆46Jun 27, 2025Updated last year
- List of Trusted Types bypasses☆102Apr 15, 2024Updated 2 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆530Apr 23, 2025Updated last year
- ☆698Jul 4, 2022Updated 3 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- ☆98Dec 4, 2025Updated 6 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Hidden parameters discovery suite☆2,070Sep 8, 2024Updated last year
- ☆1,443Jun 15, 2026Updated 2 weeks ago
- Identify virtual hosts by similarity comparison☆141Mar 18, 2026Updated 3 months ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆581Sep 7, 2021Updated 4 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆683Jan 28, 2024Updated 2 years ago
- Differential testing framework for HTTP implementations☆936May 28, 2026Updated last month
- ☆563Mar 27, 2025Updated last year