GrrrDog / Java-Deserialization-Cheat-Sheet

Related projects ⓘ

Alternatives and complementary repositories for Java-Deserialization-Cheat-Sheet

• frohoff / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆7,804Updated 7 months ago
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,794Updated 7 months ago
• joaomatosf / jexboss
  JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
  ☆2,422Updated 4 years ago
• cujanovic / SSRF-Testing
  SSRF (Server Side Request Forgery) testing resources
  ☆2,352Updated last month
• qazbnm456 / awesome-cve-poc
  ✍️ A curated list of CVE PoCs.
  ☆3,324Updated 2 years ago
• tarunkant / Gopherus
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆2,873Updated last year
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,684Updated 3 years ago
• enjoiz / XXEinjector
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,540Updated 4 years ago
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆3,000Updated 5 months ago
• mbechler / marshalsec
  ☆3,403Updated last year
• pwntester / ysoserial.net
  Deserialization payload generator for a variety of .NET formatters
  ☆3,238Updated 5 months ago
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆3,000Updated this week
• AonCyberLabs / Windows-Exploit-Suggester
  This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…
  ☆3,971Updated last year
• JackOfMostTrades / gadgetinspector
  A byte code analyzer for finding deserialization gadget chains in Java applications
  ☆996Updated 3 years ago
• d3vilbug / HackBar
  HackBar plugin for Burpsuite
  ☆1,540Updated 3 years ago
• sensepost / reGeorg
  The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  ☆3,031Updated 4 years ago
• ohpe / juicy-potato
  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…
  ☆2,422Updated 2 years ago
• InteliSecureLabs / Linux_Exploit_Suggester
  Linux Exploit Suggester; based on operating system release number
  ☆1,779Updated 10 years ago
• abatchy17 / WindowsExploits
  Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
  ☆1,829Updated 4 years ago
• federicodotta / Java-Deserialization-Scanner
  All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
  ☆776Updated 3 years ago
• summitt / Nope-Proxy
  TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
  ☆1,560Updated 5 months ago
• ambionics / phpggc
  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  ☆3,248Updated last month
• kost / dvcs-ripper
  Rip web accessible (distributed) version control systems: SVN/GIT/HG...
  ☆1,706Updated 4 months ago
• quentinhardy / odat
  ODAT: Oracle Database Attacking Tool
  ☆1,619Updated 3 months ago
• BuffaloWill / oxml_xxe
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,037Updated 4 months ago
• sleventyeleven / linuxprivchecker
  linuxprivchecker.py -- a Linux Privilege Escalation Check Script
  ☆1,569Updated 2 years ago
• jondonas / linux-exploit-suggester-2
  Next-Generation Linux Kernel Exploit Suggester
  ☆1,858Updated last year
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,660Updated 9 months ago
• worawit / MS17-010
  MS17-010
  ☆2,146Updated last year
• xmendez / wfuzz
  Web application fuzzer
  ☆5,968Updated 3 months ago