appsecco/json-flash-csrf-poc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/appsecco/json-flash-csrf-poc)

appsecco / json-flash-csrf-poc

This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.

☆78

Alternatives and similar repositories for json-flash-csrf-poc

Users that are interested in json-flash-csrf-poc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

sethsec / Nodejs-SSRF-App
View on GitHub
Nodejs application intentionally vulnerable to SSRF
☆42May 12, 2023Updated 2 years ago
mhaskar / CVE-2019-20224
View on GitHub
The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224
☆14Jan 10, 2020Updated 6 years ago
tarantula-team / CVE-2019-12949
View on GitHub
CVE-2019-12949
☆26Jun 28, 2019Updated 6 years ago
WyAtu / CVE-2018-4407
View on GitHub
CVE-2018-4407 IOS/macOS kernel crash
☆13Feb 23, 2019Updated 7 years ago
71src / code_share
View on GitHub
公众号分享中的一些代码，poc, 及其他参考等
☆12Apr 12, 2019Updated 6 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
security-dockerfiles / beef
View on GitHub
Dockerized BeEF
☆44Dec 7, 2021Updated 4 years ago
zerothoughts / jndipoc
View on GitHub
Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
☆42Jan 22, 2016Updated 10 years ago
Hpd0ger / InFoCollecter
View on GitHub
针对域名/页面的接口爬取，递归模式入库
☆22Sep 18, 2019Updated 6 years ago
veracode-research / actuator-testbed
View on GitHub
A vulnerable application exposing Spring Boot Actuators
☆123Feb 25, 2019Updated 7 years ago
shengqi158 / Jackson-databind-RCE-PoC
View on GitHub
☆83Jan 11, 2018Updated 8 years ago
tintinweb / paramiko-sshfuzz
View on GitHub
A generic decorator based ssh protocol message fuzzer based paramiko the Native Python SSHv2 protocol library
☆13Jan 2, 2020Updated 6 years ago
jeffzh3ng / fuxi-ui
View on GitHub
Penetration Testing Platform (Front-End Code)
☆17Jan 5, 2023Updated 3 years ago
inspiringz / Shiro-721
View on GitHub
Shiro-721 RCE Via RememberMe Padding Oracle Attack
☆269Oct 29, 2020Updated 5 years ago
verctor / nexus_rce_CVE-2019-7238
View on GitHub
Some debug notes and exploit(not blind)
☆39Jul 28, 2019Updated 6 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
Artemis1029 / Java_xmlhack
View on GitHub
帮助java环境下任意文件下载情况自动化读取源码的小工具
☆166Apr 5, 2019Updated 6 years ago
No-Github / Adinfo
View on GitHub
域信息收集工具
☆11Jun 5, 2023Updated 2 years ago
jas502n / CVE-2019-0193
View on GitHub
Apache Solr DataImport Handler RCE
☆91Aug 12, 2019Updated 6 years ago
cainiaocome / xssgun
View on GitHub
xss payloads generator
☆25Mar 1, 2019Updated 7 years ago
Cryin / Paper
View on GitHub
Web Security Technology & Vulnerability Analysis Whitepapers
☆549Jan 1, 2019Updated 7 years ago
nccgroup / freddy
View on GitHub
Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
☆583Sep 7, 2021Updated 4 years ago
QAX-A-Team / HideShell
View on GitHub
A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.
☆216Mar 31, 2019Updated 6 years ago
JackDoan / TP-Link-ArcherC5-RCE
View on GitHub
CVE-2018-19537
☆20Nov 26, 2018Updated 7 years ago
zerothoughts / spring-jndi
View on GitHub
Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
☆116May 17, 2019Updated 6 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
co0ontty / pocdb
View on GitHub
my poc
☆16Oct 28, 2020Updated 5 years ago
Lonely-night / fastjson_gadgets_scanner
View on GitHub
☆131Jun 17, 2022Updated 3 years ago
vysecurity / VBA-RunPE
View on GitHub
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
☆14Dec 30, 2018Updated 7 years ago
iSafeBlue / fastjson-autotype-bypass-demo
View on GitHub
fastjson 1.2.68 版本 autotype bypass
☆142Jun 17, 2022Updated 3 years ago
lufeirider / CVE-2019-2725
View on GitHub
CVE-2019-2725 命令回显
☆436May 8, 2023Updated 2 years ago
evict / poc_CVE-2018-1002105
View on GitHub
PoC for CVE-2018-1002105.
☆222Dec 21, 2018Updated 7 years ago
Zombiehelp54 / CTF
View on GitHub
CTF Writeups
☆12Feb 25, 2023Updated 3 years ago
grayddq / PassiveDataSorting
View on GitHub
自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费
☆34Dec 21, 2017Updated 8 years ago
LeadroyaL / fastjson-blacklist
View on GitHub
☆835Jun 7, 2022Updated 3 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
Shivang0 / Go-Tools-for-BBH
View on GitHub
This Repo help you to download most helpful GO tools on the system .
☆22Dec 7, 2022Updated 3 years ago
silentsignal / burp-collab-gw
View on GitHub
Simple socket-based gateway to the Burp Collaborator
☆34Nov 23, 2016Updated 9 years ago
l3m0n / whatweb
View on GitHub
更快速的进行Web应用指纹识别
☆171May 9, 2019Updated 6 years ago
fnmsd / zimbra_poc
View on GitHub
Zimbra XXE+SSRF+UPLOAD Poc
☆59Jun 25, 2019Updated 6 years ago
proudwind / struts2_vulns
View on GitHub
Struts2 vuln env
☆43Dec 6, 2022Updated 3 years ago
al0ne / MacCheck
View on GitHub
一个Mac下信息搜集小脚本主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项
☆78Jul 21, 2020Updated 5 years ago
guimaizi / get_domain
View on GitHub
☆404Feb 28, 2020Updated 6 years ago