Java serialization brute force attack tool.
☆125Aug 18, 2017Updated 8 years ago
Alternatives and similar repositories for SerialBrute
Users that are interested in SerialBrute are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Java deserialization exploitation lab.☆237Mar 1, 2019Updated 7 years ago
- A tool to dump Java serialization streams in a more human readable form.☆1,075Jun 21, 2024Updated 2 years ago
- Java RMI enumeration and attack tool.☆748Sep 28, 2017Updated 8 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 9 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Java Message Exploitation Tool☆509Jul 6, 2022Updated 3 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 10 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆153Feb 25, 2019Updated 7 years ago
- A collection of curated Java Deserialization Exploits☆594May 16, 2021Updated 5 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,177May 26, 2023Updated 3 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆50Nov 30, 2018Updated 7 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆222Updated this week
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆389Apr 16, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Burp Suite Collaborator HTTP API☆44May 27, 2018Updated 8 years ago
- ☆17Oct 25, 2018Updated 7 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆581Sep 7, 2021Updated 4 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆175Jul 21, 2016Updated 9 years ago
- Burp plugin to do random fuzzing of HTTP requests☆34Jan 31, 2017Updated 9 years ago
- Burp extension☆59Jun 18, 2018Updated 8 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 7 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆550Jan 1, 2019Updated 7 years ago
- A static byte code analyzer for Java deserialization gadget research☆253Apr 17, 2017Updated 9 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆522Mar 11, 2022Updated 4 years ago
- Remote Command Execution Over Spark☆97Feb 21, 2026Updated 4 months ago
- CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability☆331Dec 30, 2018Updated 7 years ago
- Run remote system commands from Oracle connection - oracle exec command perl☆12Jun 6, 2015Updated 11 years ago
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 10 years ago
- python audit tool 审计 注入 inject☆183Feb 25, 2016Updated 10 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆745May 4, 2019Updated 7 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 9 years ago
- a webshell resides in the memory of java web server☆703Jun 26, 2018Updated 8 years ago
- Web App Monitor☆227Sep 20, 2018Updated 7 years ago
- 一个用于识别目标网站是否采用Struts2框架开发的工具demo☆163Jan 23, 2018Updated 8 years ago
- A fake JDBC driver that allows OS command execution.☆126Oct 2, 2022Updated 3 years ago
- A python3 program to filter Burp Suite log file.☆77May 26, 2016Updated 10 years ago
- ☆77Feb 17, 2017Updated 9 years ago