NotSoCereal: A Deserialization exploit playground
☆54Jan 13, 2022Updated 4 years ago
Alternatives and similar repositories for NotSoCereal-Lab
Users that are interested in NotSoCereal-Lab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Checklist for pentests, handy commands for to remembers, and a few tools to work on here and there. Far from complete!☆26Jul 28, 2023Updated 2 years ago
- Notes for the CRTO exam☆10May 22, 2022Updated 4 years ago
- ☆20Sep 6, 2023Updated 2 years ago
- CVE-2024-0044☆12Aug 24, 2024Updated last year
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Mar 26, 2022Updated 4 years ago
- Pentest stuff☆51Nov 30, 2023Updated 2 years ago
- POC for CVE-2020-9484☆13Feb 10, 2021Updated 5 years ago
- A collection of Turbo Intruder scripts.☆73Feb 1, 2025Updated last year
- Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.☆113Nov 14, 2021Updated 4 years ago
- Chat.JS - Vulnerable NodeJS Web-App to practice NoSQLi and Deserialization exploitation☆32Mar 21, 2021Updated 5 years ago
- ☆21May 25, 2025Updated last year
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 4 years ago
- This script helps to identify CVE-2021-26855 ssrf Poc☆23Mar 10, 2021Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆11Aug 18, 2022Updated 3 years ago
- A quick ‘n dirty nmap parser written in Golang to convert nmap xml to IP:Port notation.☆128Jul 3, 2024Updated last year
- Basic implementation of certstream to print new subdomains and domains☆36Jul 6, 2021Updated 4 years ago
- TESTR - A Vulnerable Python Web-App to practice XSS and Command Injection☆43Oct 8, 2022Updated 3 years ago
- A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers☆42Dec 13, 2021Updated 4 years ago
- Yet another Werkzeug Console Pin Exploit Explanation☆23Jul 30, 2021Updated 4 years ago
- 🐞 Understand how cross-site scripting occurs, how to detect and exploit XSS vulnerabilities, giving you control of other visitor's brows…☆13Nov 24, 2025Updated 7 months ago
- ☆148Sep 17, 2025Updated 9 months ago
- 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新☆14Apr 18, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A tool to do basic fingerprinting across a large number of hosts☆11Oct 20, 2020Updated 5 years ago
- A simple Google Protobuf Decoder for Burp☆43Nov 22, 2022Updated 3 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Jan 20, 2025Updated last year
- Journey so Far☆33Feb 15, 2022Updated 4 years ago
- A Checklist for Offsec PEN-200 EXAM OSCP+ 2024☆70Oct 31, 2024Updated last year
- ☆33Jun 19, 2021Updated 5 years ago
- ☆72Jun 26, 2022Updated 4 years ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆25Sep 3, 2021Updated 4 years ago
- A simple web application vulnerability lab made for the HackerOne Veterans day event☆17Mar 10, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A very high performance Domain Name parser package in Go.☆48Aug 27, 2021Updated 4 years ago
- Shell script to set up Kali VMs for CTFs - installs tools and adds aliases to Bash and Zsh profiles.☆16Dec 30, 2025Updated 6 months ago
- ☆106Jan 3, 2023Updated 3 years ago
- Simple tool to decrypt Jenkins encrypted strings☆81Jun 27, 2023Updated 3 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228☆12Dec 12, 2021Updated 4 years ago
- A red team emulation tool deveoped by CyCraft Technology☆25Apr 18, 2024Updated 2 years ago
- ORDER - A small Python web-app to practice blind SQLi in order by☆22Mar 21, 2021Updated 5 years ago