cschneider4711 / SWAT

Related projects ⓘ

Alternatives and complementary repositories for SWAT

• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆45Updated last year
• cschneider4711 / DeserializationExercises
  ☆12Updated 6 years ago
• OpenSecurityResearch / jmsdigger
  JMSDigger is JMS API basedEnterprise Messaging Application assessment tool
  ☆31Updated 10 years ago
• maaaaz / weblogicpassworddecryptor
  A simple script to decrypt stored passwords from Oracle WebLogic Server configuration files
  ☆30Updated 8 years ago
• fbogner / race2rce
  A PoC that shows that Web Vulnerabilities can indeed be interesting
  ☆19Updated 6 years ago
• hacktics / vehicle
  Viewstate Hidden Control Enumerator
  ☆17Updated 11 years ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆24Updated last year
• augustd / burp-suite-gwt-scan
  Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests
  ☆13Updated 9 years ago
• SafeBreach-Labs / BACE
  Mapping of Binaries that allows Arbitrary Code Execution
  ☆23Updated 6 years ago
• CERT-W / hadoop-attack-library
  A collection of pentest tools and resources targeting Hadoop environments
  ☆34Updated 7 years ago
• srcclr / build-inspector
  Inspect your builds to look for changes in filesystem, network traffic and running processes.
  ☆13Updated 6 years ago
• pwntester / XStreamServer
  RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
  ☆20Updated 10 years ago
• iriusrisk / RopeyTasks
  Deliberately vulnerable web application
  ☆22Updated 7 years ago
• LinkedInAttic / sometime
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Updated 7 years ago
• topolik / ois-dos
  Java Deserialization
  ☆26Updated 8 years ago
• Contrast-Security-OSS / jinfinity
  An API for consuming all the memory of Java apps using deserialization
  ☆28Updated 8 years ago
• nccgroup / JDSer-ngng
  A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.
  ☆25Updated 9 years ago
• nccgroup / jmxbf
  A brute force program to test weak accounts configured to access a JMX Registry
  ☆33Updated 7 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• pwntester / JVMDeserialization
  PoC for Scala and Groovy
  ☆14Updated 8 years ago
• kiview / damn-vulnerable-spring-boot-app
  Spring-Boot app for demonstrating security vulnaribilities
  ☆13Updated 5 years ago
• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆185Updated 8 years ago
• pwntester / dotnet-deserialization-scanner
  .NET Deserialization Passive Scanner
  ☆45Updated 6 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 6 months ago
• PortSwigger / replicator
  Burp extension to help developers replicate findings from pen tests
  ☆70Updated 3 months ago
• 1337g / CVE-2018-0101-DOS-POC
  ☆14Updated 6 years ago
• immunio / apache-struts2-CVE-2017-5638
  Demo Application and Exploit
  ☆35Updated 7 years ago
• jacob-baines / longtime-sunshine
  Nashorn Post Exploitation
  ☆31Updated 6 years ago
• GDSSecurity / GDS-PMD-Security-Rules
  Custom security ruleset for the popular Java static analysis tool PMD.
  ☆61Updated 9 years ago