Accompanying material needed for the workshop
☆11Jun 14, 2023Updated 2 years ago
Alternatives and similar repositories for goinsecure-deserialization
Users that are interested in goinsecure-deserialization are comparing it to the libraries listed below
Sorting:
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- DO NOT RUN THIS.☆10Jul 15, 2021Updated 4 years ago
- A collection of XSS Attack vectors☆10Apr 26, 2025Updated 10 months ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Minimalist cheat sheet for developpers to write secure code☆54Jul 17, 2020Updated 5 years ago
- ☆18Feb 16, 2021Updated 5 years ago
- Journey to conquer the OSCP!☆13Apr 18, 2019Updated 6 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- CVE-2020-1958 PoC☆22Apr 11, 2020Updated 5 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- Pure Javascript Vault Client☆25Aug 29, 2016Updated 9 years ago
- For finding secrets, tokens and other common mistakes made by developers.☆12Oct 21, 2025Updated 5 months ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 3 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities☆25Jul 31, 2020Updated 5 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Jul 10, 2020Updated 5 years ago
- Payload generator that uses Metasploit and Veil. Takes IP address as input and calls Veil. Use msfvenom to create payloads and writes res…☆44Jul 24, 2019Updated 6 years ago
- Standardizing Security Titles☆13Dec 31, 2025Updated 2 months ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Amazon S3 bucket finder and crawler.☆155Dec 27, 2021Updated 4 years ago
- ☆10Sep 11, 2021Updated 4 years ago
- Python3 library for sophisticated timing attacks using Gaussian Mixture Model.☆22Apr 10, 2022Updated 3 years ago
- Ghost Blog Docker Container☆10Jun 28, 2021Updated 4 years ago
- Certificate based authentication example using Docker and NGINX☆10Jan 28, 2021Updated 5 years ago
- https://jira.atlassian.com/browse/JRASERVER-69793☆10Sep 16, 2019Updated 6 years ago
- My notes of Day1 Day2 will be posted here as journey☆17Jan 6, 2021Updated 5 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Dockerfiles for (un)popular fuzzers!☆30Apr 15, 2020Updated 5 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆20Oct 26, 2020Updated 5 years ago
- Burp Suite extension to easily export sub domains☆44Nov 29, 2019Updated 6 years ago
- ☆14Oct 1, 2021Updated 4 years ago
- golang distributed lock base on consul cluster☆10Apr 4, 2019Updated 6 years ago
- CLI script to use GadgetProbe as a library to generate serialized payloads of DNS callbacks to free DNSbin to probe what Java classpaths …☆14Jun 8, 2021Updated 4 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Sep 24, 2019Updated 6 years ago
- POC for GitLabs Authenticated RCE in version 11.4.7 community edition☆13Feb 8, 2021Updated 5 years ago
- Automatically exported from code.google.com/p/hookme☆13Oct 8, 2015Updated 10 years ago
- Collection of Some Good research Documentation☆27Dec 10, 2017Updated 8 years ago
- All the latest releases and files for x64dbg...☆13Nov 23, 2020Updated 5 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Mar 11, 2021Updated 5 years ago