BishopFox / ysoserial-bfLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆29Updated last year
Alternatives and similar repositories for ysoserial-bf
Users that are interested in ysoserial-bf are comparing it to the libraries listed below
Sorting:
- Utility for creating ZipSlip archives☆74Updated 2 years ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- ☆38Updated 2 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆98Updated last year
- Exploits targeting vBulletin.☆76Updated 2 years ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆89Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆60Updated 2 years ago
- PoC repository for CVE-2023-29007☆33Updated 2 years ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆54Updated last year
- Authentication Bypass in GoAnywhere MFT☆63Updated last year
- Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10☆13Updated 2 years ago
- Deserialization payload generator for a variety of .NET formatters☆111Updated last week
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Updated 8 months ago
- CVE-2023-33733 reportlab RCE☆120Updated last year
- Golden collection of weak passwords☆66Updated 8 months ago
- Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit☆82Updated 10 months ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆21Updated 8 months ago
- Dockerized POC for CVE-2022-42889 Text4Shell☆76Updated 2 years ago
- Exploit for CVE-2024-27198 - TeamCity Server☆33Updated 8 months ago
- This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.☆70Updated 8 months ago
- F5 BIG-IP RCE exploitation (CVE-2022-1388)☆88Updated 3 years ago
- CVE-2024-23897 jenkins-cli☆15Updated last year
- Zimbra <9.0.0.p27 RCE☆104Updated 2 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 7 months ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Updated 3 years ago
- CVE-2022-41852 Proof of Concept (unofficial)☆75Updated 2 years ago
- ☆39Updated 2 years ago
- ☆68Updated 7 months ago
- Juniper Firewalls CVE-2023-36845 - RCE☆51Updated last year