Swordfish-Security / Checkmarx-Custom-Query-Rules

Related projects: ⓘ

• KTH-LangSec / SerialDetector
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆59Updated 3 years ago
• aurainfosec / xss_payloads
  XSS payloads for edge cases
  ☆34Updated 5 years ago
• JavanXD / Demo-Exploit-Jackson-RCE
  Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
  ☆17Updated 5 years ago
• EdoardoVignati / java-deserialization-of-untrusted-data-poc
  Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data
  ☆26Updated 3 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 4 years ago
• NSTikhomirov / XSSEye
  ☆10Updated this week
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆29Updated 4 years ago
• Metnew / write-ups
  ☆33Updated 2 years ago
• jas502n / CVE-2019-8451
  Jira未授权SSRF漏洞
  ☆31Updated 4 years ago
• mez-0 / ssti-payload
  ☆26Updated this week
• synacktiv / mojarragadget
  ☆16Updated 2 years ago
• B1anda0 / CVE-2020-8209
  该脚本为Citrix XenMobile 目录遍历漏洞（CVE-2020-8209）批量检测脚本。
  ☆31Updated 3 years ago
• nscuro / bradamsa-ng
  Burp Suite extension for Radamsa-powered fuzzing with Intruder
  ☆18Updated 2 years ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆11Updated last year
• vah13 / Oracle-BI-bugs
  ☆34Updated 5 years ago
• tarunkant / fuzzphunc
  This repo contains the lazyFuzzer and the Report on the output from the same
  ☆15Updated 4 years ago
• hackvertor / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆22Updated last year
• synacktiv / burp-jq
  Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.
  ☆42Updated 3 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆37Updated last year
• orangetw / JNDI-Injection-Bypass
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆9Updated 4 years ago
• rastating / CVE-2019-0708
  ☆10Updated this week
• PortSwigger / freddy-deserialization-bug-finder
  ☆41Updated 4 years ago
• ettic-team / EndpointFinder-Burp
  ☆31Updated 5 years ago
• s1kr10s / BurpFuzz
  ☆12Updated 4 years ago
• RootUp / PHDays9
  My fuzzing workshop from PHDays9
  ☆27Updated 5 years ago
• newtonguass / ADPenLab
  ☆32Updated 4 years ago
• cnotin / RazorVulnerableApp
  DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…
  ☆26Updated 4 years ago
• peterjson31337 / tetctf2021
  tetctf2020_amf_writeups
  ☆23Updated 3 years ago
• yuske / DeReviewer
  ☆18Updated last year
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago