GitHubSecurityLab / ruby-unsafe-deserializationLinks
Proof of Concepts for unsafe deserialization in Ruby
☆17Updated last year
Alternatives and similar repositories for ruby-unsafe-deserialization
Users that are interested in ruby-unsafe-deserialization are comparing it to the libraries listed below
Sorting:
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆54Updated 3 weeks ago
- Same Origin XSS challenge☆64Updated 3 years ago
- ☆16Updated 4 years ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- List of Trusted Types bypasses☆102Updated last year
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆52Updated 2 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆42Updated 10 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆33Updated 7 months ago
- ☆72Updated 3 years ago
- ☆34Updated last year
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆31Updated 5 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 7 months ago
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated this week
- ☆85Updated 4 months ago
- A collection of my Semgrep rules☆50Updated 2 years ago
- ☆23Updated 7 months ago
- Awesome MXSS ??☆54Updated last year
- An extension to use Semgrep inside Burp Suite.☆89Updated 5 months ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆14Updated 2 years ago
- Client-Side Prototype Pollution Tools☆85Updated 4 years ago
- ☆56Updated 4 years ago
- Prototype Pollution exploits collection☆34Updated 4 years ago
- Manager of third-party sources of Semgrep rules 🗂☆90Updated last year
- ☆169Updated 4 years ago
- Dependency Confusion Security Testing Tool☆51Updated 3 years ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆19Updated last year
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆59Updated 6 months ago
- A curated list of argument injection vectors☆41Updated 9 months ago
- ☆31Updated 2 years ago
- Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes☆32Updated 2 years ago