doyensec / Unsafe-UnpackingLinks
Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
☆41Updated 8 months ago
Alternatives and similar repositories for Unsafe-Unpacking
Users that are interested in Unsafe-Unpacking are comparing it to the libraries listed below
Sorting:
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆14Updated 2 years ago
- Simple WebSocket fuzzer☆33Updated 2 years ago
- A curated list of argument injection vectors☆41Updated 7 months ago
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- A collection of my Semgrep rules☆49Updated 2 years ago
- POC for RCE vulnerability in ParseExcel library, and ParseXLSX too, as a depending library☆17Updated 11 months ago
- ☆23Updated 7 months ago
- ☆27Updated last year
- ☆21Updated 3 months ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 3 months ago
- ☆33Updated 2 years ago
- Proof of Concepts for unsafe deserialization in Ruby☆17Updated 10 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 5 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 3 years ago
- POC for CVE-2022-23648☆36Updated 3 years ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- Slides and other material from various conference presentations.☆45Updated 3 months ago
- ☆31Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 11 months ago
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆36Updated 2 years ago
- a Ruby implementation of Java's ObjectInputStream and ObjectOutputStream.☆16Updated 3 years ago
- ☆116Updated 2 years ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆113Updated last year
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Updated last year
- ☆14Updated 3 months ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated 2 months ago
- A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.☆41Updated 3 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆52Updated last year
- an Evil Java RMI Registry.☆52Updated 2 years ago