Contrast-Security-OSS / vulnerable-spring-boot-application
☆13 · Updated 5 months ago
Related projects:
- Spring-Boot app for demonstrating security vulnerabilities ☆13 · Updated 5 years ago
- Jekyll Files for cloudsecwiki.com ☆49 · Updated 3 years ago
- BURP extension to record every HTTP request sent via BURP and create an audit trail log of an assessment. ☆61 · Updated last month
- Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple… ☆23 · Updated last year
- RCE Exploit PoC for Spring based RESTful APIs using XStream as Unmarshaler ☆20 · Updated 10 years ago
- Burp extension to passively scan for applications revealing software version numbers ☆30 · Updated 3 months ago
- Custom Fortify SCA rules to detect common JSSE certification validation flaws ☆11 · Updated 8 years ago
- Burp Suite extension to passively scan for applications revealing server error messages ☆64 · Updated 9 months ago
- CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE ☆32 · Updated 5 years ago
- Proof-of-concept CORS exploitation tool. ☆34 · Updated 5 years ago
- A zero-dependency tool for finding secrets in directories ☆10 · Updated 3 years ago
- Serverless Workshop ☆16 · Updated last year
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities ☆26 · Updated 2 years ago
- Open Security Summit 2019 ☆24 · Updated 3 years ago
- Extension providing view with filtering capabilities for both complete and incomplete requests from all Burp tools. ☆24 · Updated 2 years ago
- General Open Architecture Security Questionnaire ☆30 · Updated last year
- A Burp extension to show the Collaborator client in a tab ☆36 · Updated last year
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use ☆14 · Updated 6 years ago
- CSRF Scanner Extension for Burp Suite Pro ☆19 · Updated 6 years ago
- Parse X509 certificates to get the (sub)domains in it. ☆28 · Updated 6 years ago
- A PoC that shows that Web Vulnerabilities can indeed be interesting ☆19 · Updated 6 years ago
- Some helpful Helm Charts for pentesters ☆38 · Updated 5 years ago
- A framework for automating penetration testing using a plugin based architecture ☆34 · Updated 2 years ago
- cve-2014-0130 rails directory traversal vuln ☆18 · Updated 7 years ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner… ☆15 · Updated last year
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions ☆121 · Updated 6 years ago
- ☆35 · Updated 4 years ago
- Burp as a Docker Container ☆59 · Updated 4 years ago
- An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities ☆18 · Updated 3 years ago
- ☆75 · Updated 11 years ago