akamai-threat-research / mqtt-pwn
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
☆391Updated 8 months ago
Alternatives and similar repositories for mqtt-pwn:
Users that are interested in mqtt-pwn are comparing it to the libraries listed below
- EmbedOS - Embedded security testing virtual machine☆156Updated 4 years ago
- the Network Protocol Fuzzer that we will want to use.☆752Updated last year
- ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.☆253Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆595Updated 4 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆501Updated 3 years ago
- Set of tools for security testing of Internet of Things devices using specific network IoT protocols☆358Updated 10 months ago
- Java RMI enumeration and attack tool.☆731Updated 7 years ago
- TCP tunneling over HTTP/HTTPS for web application servers☆735Updated 8 years ago
- The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers,…☆418Updated 2 years ago
- Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs☆840Updated 3 weeks ago
- Attify OS - Distro for pentesting IoT devices☆983Updated 3 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆515Updated 4 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆289Updated 2 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,027Updated 3 years ago
- ☆83Updated 4 years ago
- IoTGoat is a deliberately insecure firmware based on OpenWrt.☆181Updated 5 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆784Updated 3 years ago
- cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vul…☆141Updated 4 years ago
- Devkit for building Metasploit-like consoles☆246Updated 9 months ago
- ☆470Updated last year
- Proofs-of-concept☆789Updated 7 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆432Updated 2 years ago
- ☆130Updated last month
- Redis 4.x & 5.x RCE☆141Updated 5 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆576Updated 3 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆603Updated 5 years ago
- When MVC magic turns black☆292Updated 4 years ago
- Advanced Burp Suite Logging Extension☆658Updated 10 months ago
- Redis(<=5.0.5) RCE☆1,051Updated last year