GitHubSecurityLab / ruby-unsafe-deserializationLinks
Proof of Concepts for unsafe deserialization in Ruby
☆16Updated 8 months ago
Alternatives and similar repositories for ruby-unsafe-deserialization
Users that are interested in ruby-unsafe-deserialization are comparing it to the libraries listed below
Sorting:
- ☆16Updated 3 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 3 months ago
- ☆19Updated 3 months ago
- Dependency Confusion Security Testing Tool☆47Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 3 months ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated 2 years ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 9 months ago
- Prototype Pollution exploits collection☆34Updated 3 years ago
- Same Origin XSS challenge☆62Updated 3 years ago
- Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes☆31Updated 2 years ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆17Updated last year
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Updated 7 years ago
- Utility for creating ZipSlip archives☆73Updated 2 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆41Updated 6 months ago
- ☆36Updated 2 months ago
- ☆72Updated 3 years ago
- Chrome extension to detect possible xsleaks☆12Updated 6 years ago
- An extension to use Semgrep inside Burp Suite.☆89Updated last month
- Additional active scan checks for BURP☆27Updated 8 months ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- A collection of my Semgrep rules☆49Updated last year
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Updated 9 months ago
- ☆14Updated 3 weeks ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆50Updated last year
- Burp extension to generate multi-step CSRF POC.☆30Updated 5 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆50Updated last month
- Argument Injection in Dragonfly Ruby Gem☆16Updated 4 years ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆61Updated last week