JLLeitschuh / security-research
Public disclosure channel for security vulnerabilities
☆16Updated 9 months ago
Related projects: ⓘ
- My CodeQL queries collection☆93Updated last year
- Collection of community-driven CodeQL query, library and extension packs☆64Updated last month
- Ready to use docker image for CodeQL☆88Updated 8 months ago
- Custom / Experimental CodeQL queries☆37Updated 2 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆23Updated 2 years ago
- CodeQL model generation for Go.☆17Updated 3 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆49Updated 5 months ago
- Sample Spring application to Demonstrate the Gateway Actuator☆48Updated 2 years ago
- GH CLI CodeQL Scan Extension☆17Updated this week
- An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…☆25Updated 2 years ago
- Several XStream gadgets ported from ysoserial☆32Updated 2 years ago
- Intentionally Vulnerable to Spring4Shell☆51Updated 2 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆54Updated last year
- ☆33Updated 2 years ago
- ☆69Updated 2 years ago
- Utility for creating ZipSlip archives☆66Updated last year
- CodeQL database manager☆44Updated 7 months ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro …☆106Updated 3 years ago
- tetctf2020_amf_writeups☆23Updated 3 years ago
- A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692☆36Updated last year
- ☆56Updated last year
- ☆22Updated last year
- S2-061 CVE-2020-17530☆29Updated 3 years ago
- ☆54Updated 3 years ago
- Spring4Shell reproduce☆11Updated 2 years ago
- Compiled dataset of Java deserialization CVEs☆60Updated 4 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆103Updated 4 years ago
- Gopher Tomcat Deployer☆47Updated 5 years ago
- Place for random PoCs☆17Updated 4 years ago
- Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules☆91Updated last week