Metnew / write-ups

Related projects ⓘ

Alternatives and complementary repositories for write-ups

• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 4 years ago
• hackvertor / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆23Updated last year
• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆47Updated 6 years ago
• Al1ex / CVE-2020-35728
  CVE-2020-35728 & Jackson-databind RCE
  ☆41Updated 3 years ago
• x41sec / BeanStack
  X41 BeanStack - Stack Trace Fingerprinting BETA
  ☆52Updated 4 years ago
• ka1n4t / CVE-2020-17530
  ☆65Updated 3 years ago
• peterjson31337 / tetctf2021
  tetctf2020_amf_writeups
  ☆23Updated 3 years ago
• Haxel0rd / haxel0rds
  Some private tools i decided to release for public.
  ☆49Updated 8 months ago
• B1anda0 / CVE-2020-8209
  该脚本为Citrix XenMobile 目录遍历漏洞（CVE-2020-8209）批量检测脚本。
  ☆31Updated 3 years ago
• PortSwigger / reissue-request-scripter
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆29Updated 2 years ago
• synacktiv / mojarragadget
  ☆15Updated 3 years ago
• B1anda0 / CVE-2020-17519
  Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)
  ☆47Updated 3 years ago
• Al1ex / CVE-2020-17530
  S2-061 CVE-2020-17530
  ☆29Updated 3 years ago
• vah13 / Oracle-BI-bugs
  ☆34Updated 5 years ago
• jas502n / CVE-2019-8451
  Jira未授权SSRF漏洞
  ☆31Updated 5 years ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆11Updated last year
• KTH-LangSec / SerialDetector
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆62Updated 3 years ago
• spaceraccoon / spring-boot-actuator-h2-rce
  Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database
  ☆104Updated 4 years ago
• kahla-sec / CVE-2021-27850_POC
  A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.
  ☆5Updated last year
• JavanXD / Demo-Exploit-Jackson-RCE
  Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
  ☆17Updated 5 years ago
• jackadamson / CVE-2021-26700
  RCE in NPM VSCode Extension
  ☆20Updated 3 years ago
• orangetw / JNDI-Injection-Bypass
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆9Updated 4 years ago
• IdealDreamLast / CVE-2020-9484
  用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞
  ☆52Updated 4 years ago
• securifera / CVE-2019-1579
  ☆63Updated 5 years ago
• EdoardoVignati / java-deserialization-of-untrusted-data-poc
  Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data
  ☆26Updated 3 years ago
• aurainfosec / xss_payloads
  XSS payloads for edge cases
  ☆34Updated 6 years ago
• LoRexxar / log_dependency_checklist
  Dependencies with Log4j2 Checklist
  ☆35Updated 2 years ago
• s1kr10s / BurpFuzz
  ☆13Updated 4 years ago