A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
☆63Jan 29, 2021Updated 5 years ago
Alternatives and similar repositories for SerialDetector
Users that are interested in SerialDetector are comparing it to the libraries listed below
Sorting:
- Subdomain finder☆10Mar 13, 2025Updated 11 months ago
- A static analysis API for finding deserialization attack gadgets☆38Nov 7, 2022Updated 3 years ago
- A python-based padding oracle tool☆20Aug 14, 2024Updated last year
- Accelerated execution for fast Windows fuzzing☆25Jan 9, 2025Updated last year
- Behinder source code☆174Nov 1, 2021Updated 4 years ago
- Collection of CTF Web challenges I made☆53Apr 25, 2023Updated 2 years ago
- This novel black-box web vulnerability scanner attempts to infer the state machine of the web application.☆19Mar 12, 2020Updated 5 years ago
- Tomcat的Filter型免杀内存马,主要思路是Bypass各种检查手段☆10Nov 26, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- POC for CVE-2018-1273☆24Jun 5, 2018Updated 7 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- woodpecker框架专用bcel库☆12Apr 30, 2021Updated 4 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 4 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform☆11Dec 29, 2021Updated 4 years ago
- Windows Security Resources☆74Jan 14, 2022Updated 4 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆108Jan 26, 2020Updated 6 years ago
- AWD 文件监控☆28Sep 14, 2023Updated 2 years ago
- tetctf2020_amf_writeups☆23Jan 3, 2021Updated 5 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,079Jun 15, 2021Updated 4 years ago
- Pentest Q&A trick written in Vietnamese☆11May 16, 2019Updated 6 years ago
- clfs CVE 的一些 POC 收集☆16Oct 27, 2022Updated 3 years ago
- Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.☆13Aug 4, 2025Updated 6 months ago
- Collect public CTF source code repo☆48Sep 26, 2021Updated 4 years ago
- My security presentations☆29Aug 21, 2023Updated 2 years ago
- Client-Side Prototype Pollution Tools☆86Sep 21, 2021Updated 4 years ago
- Java After-Deserialization Attack☆79Apr 26, 2021Updated 4 years ago
- 清除基于java agent木马☆80Apr 12, 2021Updated 4 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- Heaps Don't Lie! Analyzes standard JVM and Android heap snapshots to improve the completeness of program analysis tools such as Doop.☆16Updated this week
- ☆14Jul 14, 2020Updated 5 years ago
- 一些Java RASP demo☆11Sep 26, 2019Updated 6 years ago
- PatchFuzz: Fuzzing for JavaScript Engine Incomplete Security Patches☆19Dec 17, 2025Updated 2 months ago
- Take domains on stdin and output them on stdout if they get resolved☆32May 27, 2022Updated 3 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆211Mar 9, 2023Updated 2 years ago
- ☆29Jan 10, 2023Updated 3 years ago
- ☆14Dec 22, 2020Updated 5 years ago
- Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only☆13Aug 22, 2021Updated 4 years ago
- WAF Environment for OpenAI Gym☆14Dec 13, 2020Updated 5 years ago