BishopFox / ysoserial-bfLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆29Updated last year
Alternatives and similar repositories for ysoserial-bf
Users that are interested in ysoserial-bf are comparing it to the libraries listed below
Sorting:
- Utility for creating ZipSlip archives☆78Updated 2 years ago
- ☆40Updated 3 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆99Updated last month
- Exploits targeting vBulletin.☆75Updated 2 years ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆55Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Updated last year
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆21Updated 10 months ago
- CVE-2023-33733 reportlab RCE☆119Updated 2 years ago
- Deserialization payload generator for a variety of .NET formatters☆116Updated last month
- Dockerized POC for CVE-2022-42889 Text4Shell☆77Updated 2 years ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Updated 9 months ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆61Updated 2 years ago
- PoC repository for CVE-2023-29007☆34Updated 2 years ago
- Authentication Bypass in GoAnywhere MFT☆64Updated last year
- Repository to store exploits created by Assetnotes Security Research team☆182Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last year
- ☆68Updated 8 months ago
- ☆39Updated 2 years ago
- ☆27Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Updated 3 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated 8 months ago
- Make better use of the embedded browser that comes by default with Burp☆45Updated last year
- Lexmark CVE-2023-26067☆27Updated 2 years ago
- ☆24Updated 10 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆27Updated last year
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆43Updated 3 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆95Updated 2 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year