GitHubSecurityLab / ruby-unsafe-deserialization
Proof of Concepts for unsafe deserialization in Ruby
☆12, updated 3 weeks ago
Related projects
Alternatives and complementary repositories for ruby-unsafe-deserialization
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA) ☆49, updated 6 months ago
- ☆15, updated 3 years ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers ☆11, updated last year
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters ☆55, updated last week
- An extension to use Semgrep inside Burp Suite. ☆87, updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ☆21, updated 2 months ago
- Same Origin XSS challenge ☆56, updated 2 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities ☆40, updated last year
- Dependency Confusion Security Testing Tool ☆39, updated 2 years ago
- Utility for creating ZipSlip archives ☆66, updated last year
- A curated list of argument injection vectors ☆37, updated 2 months ago
- ☆33, updated 2 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet. ☆29, updated 2 weeks ago
- A collection of my Semgrep rules ☆47, updated last year
- tetctf2020_amf_writeups ☆23, updated 3 years ago
- ☆55, updated 3 years ago
- ☆15, updated 3 years ago
- a Ruby implementation of Java's ObjectInputStream and ObjectOutputStream. ☆16, updated 2 years ago
- A proof-of-concept tool for detection and exploitation of Object Injection Vulnerabilities in .NET applications ☆62, updated 3 years ago
- jws2pubkey tool ☆37, updated 5 months ago
- ☆69, updated 3 years ago
- Argument Injection in Dragonfly Ruby Gem ☆16, updated 3 years ago
- an Evil Java RMI Registry. ☆45, updated last year
- Manager of third-party sources of Semgrep rules 🗂 ☆76, updated 3 months ago
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam… ☆17, updated last year
- ☆92, updated 3 years ago
- Prototype Pollution exploits collection ☆30, updated 3 years ago
- Collection of community-driven CodeQL query, library and extension packs ☆69, updated this week
- ☆31, updated last year
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list. ☆13, updated 2 years ago