fbogner / race2rceLinks
A PoC that shows that Web Vulnerabilities can indeed be interesting
☆20Updated 7 years ago
Alternatives and similar repositories for race2rce
Users that are interested in race2rce are comparing it to the libraries listed below
Sorting:
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Updated 7 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 8 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Updated 11 years ago
- Generate pentest reports based on github issues.☆16Updated 2 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 7 years ago
- ☆13Updated 3 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 7 years ago
- This repository contains the POC of an exploit for node-jose < 0.11.0☆25Updated 2 years ago
- A collection of published exploits and proof-of-concept code.☆21Updated 7 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 6 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 13 years ago
- Nashorn Post Exploitation☆32Updated 7 years ago
- Proof-of-Concept exploit of CVE-2018-19131: Squid Proxy XSS via X.509 Certificate☆20Updated 6 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- Study about HQL injection exploitation.☆51Updated 9 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆25Updated 6 years ago
- ☆38Updated 5 years ago
- ☆14Updated 7 years ago
- .NET Deserialization Passive Scanner☆46Updated 7 years ago
- Burp extension to help developers replicate findings from pen tests☆70Updated last year
- Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)☆48Updated 7 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Updated 9 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 12 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆15Updated 2 years ago
- Burp Suite extension to generate Intruder payloads using Radamsa☆89Updated 8 years ago
- Axis2 RPC Shell☆15Updated 10 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 5 years ago
- Offline Security Focus Database☆31Updated 12 years ago
- Burp extension to passively scan for applications revealing software version numbers☆32Updated last year