doyensec / Unsafe-Unpacking
Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
☆40Updated 4 months ago
Alternatives and similar repositories for Unsafe-Unpacking:
Users that are interested in Unsafe-Unpacking are comparing it to the libraries listed below
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- Simple WebSocket fuzzer☆32Updated last year
- Proof of Concepts for unsafe deserialization in Ruby☆17Updated 6 months ago
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆44Updated last year
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last month
- Argument Injection in Dragonfly Ruby Gem☆16Updated 3 years ago
- ☆26Updated last year
- CTF writeups☆30Updated 2 years ago
- a Ruby implementation of Java's ObjectInputStream and ObjectOutputStream.☆16Updated 2 years ago
- ☆14Updated 4 months ago
- A collection of my Semgrep rules☆49Updated last year
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆88Updated 5 months ago
- Utility for creating ZipSlip archives☆72Updated 2 years ago
- ☆23Updated 2 months ago
- ☆77Updated 2 months ago
- A curated list of argument injection vectors☆40Updated 3 months ago
- An extension to use Semgrep inside Burp Suite.☆88Updated last year
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆17Updated last year
- HTTP Desync Attack☆28Updated 4 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated 10 months ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆45Updated last year
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated last year
- pocs & exploit for CVE-2023-24871 (rce + lpe)☆48Updated 9 months ago
- ☆32Updated 2 years ago
- WebGL fuzzer☆38Updated 2 years ago
- Manager of third-party sources of Semgrep rules 🗂☆81Updated 9 months ago
- Slides and other material from various conference presentations.☆44Updated 3 weeks ago
- ☆17Updated last month
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Updated 2 years ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆22Updated 3 years ago