DirectDefense-zz / SuperSerial-Active

Related projects: ⓘ

• webr0ck / WAF_Bypass_Helper
  ☆35Updated this week
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 8 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 7 years ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 7 years ago
• DirectDefense-zz / SuperSerial
  ☆75Updated this week
• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆39Updated 8 years ago
• Gifts / XXE-OOB-Exploitation-Toolset-for-Automation
  XXE OOB Exploitation Toolset for Automation
  ☆63Updated 10 years ago
• breenmachine / various
  ☆20Updated 8 months ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• yolosec / deserialize-server
  Demo server for testing Java deserialization payloads
  ☆15Updated 8 years ago
• omarkurt / cve-2014-0130
  cve-2014-0130 rails directory traversal vuln
  ☆18Updated 7 years ago
• hatRiot / rpcshell
  Axis2 RPC Shell
  ☆15Updated 9 years ago
• AppSecConsulting / Pentest-Tools
  Penetration Testing Tools Developed by AppSec Consulting.
  ☆48Updated 5 years ago
• penafieljlm / burp-tracer
  Allows you to trace where inputs are reflected back to the user.
  ☆37Updated 6 years ago
• vah13 / SAP_vulnerabilities
  DoS PoC's for SAP products
  ☆48Updated 6 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆48Updated 8 years ago
• jmxploit / jmxploit
  A tool to analyse JMX API security level.
  ☆43Updated 10 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 6 years ago
• cyberpunkych / attacking_mongodb
  Files from Zeronights presentation.
  ☆28Updated 11 years ago
• v-egoshin / WindowsUploadToolkit
  PHDAYS |||
  ☆17Updated 11 years ago
• nahamsec / CMSFuzz
  ☆33Updated this week
• aur3lius-dev / SpyDir
  BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
  ☆22Updated 6 years ago
• ewilded / SCARY
  PHP Source Code Analyzer written in Perl (taint checking)
  ☆18Updated 4 years ago
• swisskyrepo / Subdomino
  ☆26Updated this week
• tijme / similar-request-excluder
  A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
  ☆43Updated 4 years ago
• GoSecure / break-fast-serial
  A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
  ☆54Updated 7 years ago
• h3xstream / burp-image-metadata
  Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
  ☆13Updated last year
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 5 years ago
• irsl / struts-any-results
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Updated 5 years ago
• nccgroup / JDSer-ngng
  A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.
  ☆25Updated 9 years ago