Alternatives and similar repositories for Checkmarx-Custom-Query-Rules

Users that are interested in Checkmarx-Custom-Query-Rules are comparing it to the libraries listed below

• KTH-LangSec / SerialDetector
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆63Updated 4 years ago
• EdoardoVignati / java-deserialization-of-untrusted-data-poc
  Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data
  ☆26Updated 3 years ago
• aurainfosec / xss_payloads
  XSS payloads for edge cases
  ☆34Updated 6 years ago
• jas502n / CVE-2019-8451
  Jira未授权SSRF漏洞
  ☆31Updated 5 years ago
• Metnew / write-ups
  ☆34Updated 3 years ago
• hackvertor / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆23Updated 2 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆51Updated 9 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆61Updated 4 years ago
• jas502n / CVE-2019-10392
  CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)
  ☆21Updated 5 years ago
• B1anda0 / CVE-2020-8209
  该脚本为Citrix XenMobile 目录遍历漏洞（CVE-2020-8209）批量检测脚本。
  ☆31Updated 4 years ago
• lorenzog / burpAddCustomHeader
  A Burp Suite extension to add a custom header (e.g. JWT)
  ☆19Updated 3 years ago
• orangetw / JNDI-Injection-Bypass
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆10Updated 5 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• Al1ex / CVE-2020-35728
  CVE-2020-35728 & Jackson-databind RCE
  ☆43Updated 4 years ago
• ngo / burp-request-minimizer
  ☆17Updated 2 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆123Updated 7 years ago
• s1kr10s / BurpFuzz
  ☆13Updated 5 years ago
• mpgn / Slanger-RCE
  RCE in Slanger using deserialization of Ruby objects
  ☆11Updated 6 years ago
• KTN1990 / CVE-2019-10869
  (Wordpress) Ninja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload
  ☆17Updated 6 years ago
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆30Updated 5 years ago
• PavelJurasek / PHPWander
  ☆23Updated 6 years ago
• atorralba / GHSL_CTF_4
  My solution for GitHub Security Lab CTF 4: CodeQL and Chill - The Java Edition
  ☆19Updated 4 years ago
• PortSwigger / java-serialized-payloads
  YSOSERIAL Integration with burp suite
  ☆40Updated 3 years ago
• nscuro / bradamsa-ng
  Burp Suite extension for Radamsa-powered fuzzing with Intruder
  ☆20Updated 3 years ago
• catenacyber / webfuzz
  ☆29Updated 4 years ago
• raadfhaddad / Insecure-Deserialization
  Insecure Deserialization, PDF and lab
  ☆18Updated 5 years ago
• vah13 / Oracle-BI-bugs
  ☆34Updated 5 years ago
• julianvilas / rooted2k15
  Additional materials for RootedCON 2015 Apache Struts talk
  ☆30Updated 10 years ago
• erberkan / fortilogger_arbitrary_fileupload
  CVE-2021-3378 | FortiLogger - Unauthenticated Arbitrary File Upload (Metasploit)
  ☆22Updated 4 years ago
• ShielderSec / CVE-2020-11579
  Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB
  ☆21Updated last year