GrrrDog / Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
☆3,078Updated last year
Alternatives and similar repositories for Java-Deserialization-Cheat-Sheet:
Users that are interested in Java-Deserialization-Cheat-Sheet are comparing it to the libraries listed below
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,076Updated 11 months ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,897Updated 11 months ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,450Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,394Updated 5 months ago
- ☆3,476Updated 2 months ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,610Updated 3 months ago
- ✍️ A curated list of CVE PoCs.☆3,374Updated 3 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,010Updated last year
- Automatic SSRF fuzzer and exploitation tool☆3,126Updated last month
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,020Updated 3 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,408Updated this week
- Deserialization payload generator for a variety of .NET formatters☆3,363Updated 3 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,766Updated 3 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆780Updated 3 years ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆3,062Updated 3 weeks ago
- HackBar plugin for Burpsuite☆1,563Updated 3 years ago
- Rip web accessible (distributed) version control systems: SVN/GIT/HG...☆1,721Updated 8 months ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,048Updated last year
- TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.☆1,604Updated 10 months ago
- A curated list of amazingly awesome Burp Extensions☆3,105Updated last month
- Create tar/zip archives that can exploit directory traversal vulnerabilities☆995Updated 3 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,072Updated 3 months ago
- Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.☆1,580Updated last week
- Linux Exploit Suggester; based on operating system release number☆1,784Updated 10 years ago
- Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs☆836Updated this week
- A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…☆2,532Updated 3 years ago
- Vulnerability Labs for security analysis☆1,167Updated 4 years ago
- latest version of scanners for IIS short filename (8.3) disclosure vulnerability☆1,499Updated last year
- MS17-010☆2,174Updated last year
- Web application fuzzer☆6,120Updated 7 months ago