IOActive / jdwp-shellifier
☆858Updated last year
Alternatives and similar repositories for jdwp-shellifier:
Users that are interested in jdwp-shellifier are comparing it to the libraries listed below
- Java RMI enumeration and attack tool.☆731Updated 7 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆783Updated 3 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆501Updated 3 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,029Updated 3 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆659Updated last year
- Java Message Exploitation Tool☆502Updated 2 years ago
- A collection of curated Java Deserialization Exploits☆593Updated 3 years ago
- SHELLING - a comprehensive OS command injection payload generator☆444Updated 5 years ago
- Dirty Cow exploit - CVE-2016-5195☆883Updated 4 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,017Updated 10 months ago
- PoC for Dirty COW (CVE-2016-5195)☆498Updated 3 years ago
- TCP tunneling over HTTP/HTTPS for web application servers☆735Updated 8 years ago
- A CVE-2016-5195 exploit example.☆326Updated 8 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆352Updated 3 years ago
- an IIS shortname Scanner☆546Updated 2 years ago
- Add headers to all Burp requests to bypass some WAF products☆331Updated 7 years ago
- ☆493Updated 9 years ago
- TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.☆1,610Updated 11 months ago
- Rogue MySql Server☆469Updated 11 years ago
- ☆419Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆515Updated 4 years ago
- MySQL fake server for read files of connected clients☆598Updated 7 years ago
- ☆470Updated last year
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆576Updated 3 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,619Updated 4 months ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆603Updated 5 years ago
- Redis(<=5.0.5) RCE☆1,051Updated last year
- A tool for embedding XXE/XML exploits into different filetypes☆1,074Updated 4 months ago
- The great impacket example scripts compiled for Windows☆950Updated 6 years ago
- WSDL Parser extension for Burp☆242Updated 6 years ago