Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
☆43Dec 16, 2024Updated last year
Alternatives and similar repositories for Unsafe-Unpacking
Users that are interested in Unsafe-Unpacking are comparing it to the libraries listed below
Sorting:
- Proof of Concepts for unsafe deserialization in Ruby☆17Oct 17, 2024Updated last year
- Collection of rules for Static Application Security Testing (SAST) with Semgrep☆12Apr 16, 2025Updated 10 months ago
- clfs CVE 的一些 POC 收集☆16Oct 27, 2022Updated 3 years ago
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆44Dec 31, 2024Updated last year
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- Additional active scan checks for BURP☆28Oct 3, 2024Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Unauthenticated enumeration of AWS IAM Roles.☆26Sep 7, 2025Updated 5 months ago
- AWS STS token decoder☆46Mar 18, 2025Updated 11 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- ☆14Jan 8, 2026Updated last month
- The rev.ng demos☆13Jan 29, 2026Updated last month
- ☆93Apr 29, 2024Updated last year
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Apr 17, 2018Updated 7 years ago
- ☆19Jan 31, 2025Updated last year
- ☆35Jan 27, 2025Updated last year
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Sep 7, 2023Updated 2 years ago
- CVE-2024-28995 POC Vulnerability Scanner☆13Jun 15, 2024Updated last year
- ☆18Jul 30, 2024Updated last year
- 🔗 A curated list of awesome Caido related projects☆46Mar 25, 2025Updated 11 months ago
- Ledger Donjon CTF 2020☆17Nov 16, 2021Updated 4 years ago
- Study notes on Windows NTLM Reflection and token stealing based EOPs.☆20May 5, 2021Updated 4 years ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- CVE-2016-1287 vulnerability test☆16Feb 15, 2016Updated 10 years ago
- Semgrep queries developed by Trail of Bits.☆484Nov 12, 2025Updated 3 months ago
- A collection of my Semgrep rules☆51Jul 4, 2023Updated 2 years ago
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆245Dec 8, 2025Updated 2 months ago
- minimum ELF64 program to calculate its own SHA256.☆18Aug 22, 2022Updated 3 years ago
- Original workshops and staging area for new ones☆16Jul 3, 2025Updated 8 months ago
- Improved version of pintool☆17Jul 24, 2016Updated 9 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆40Dec 20, 2016Updated 9 years ago
- Proof of concept agentic solver for nfuncs from DEF CON Quals 2025☆23Apr 18, 2025Updated 10 months ago
- A quick and dirty way to bypass encrypted EPA to connect to a NetScaler Gateway☆20Oct 11, 2019Updated 6 years ago
- Userland exec PoC to be used as attack vector technique☆96Oct 23, 2025Updated 4 months ago