A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆43Apr 27, 2020Updated 5 years ago
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆13Jul 30, 2021Updated 4 years ago
- A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.☆41Aug 16, 2022Updated 3 years ago
- forked from frohoff/ysoserial and added my own payloads.☆155Mar 6, 2020Updated 6 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Several XStream gadgets ported from ysoserial☆33Sep 26, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated 2 years ago
- Its a coff loader ported to go☆20Oct 2, 2022Updated 3 years ago
- POC for NetworkService PrivEsc☆130May 4, 2020Updated 5 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆803Nov 7, 2021Updated 4 years ago
- A PoC for achieving persistence via push notifications on Windows☆48Jun 9, 2023Updated 2 years ago
- ☆37Apr 30, 2020Updated 5 years ago
- Script to extract the cached credentials from SSSD, getting Active Directory credentials from Unix systems☆24Jun 14, 2023Updated 2 years ago
- Ansible role to deploy RedELK server☆19Sep 11, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Python api for usage with cobalt strike's External C2 specification☆64Nov 6, 2018Updated 7 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆17Jul 27, 2024Updated last year
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- ☆32Dec 28, 2023Updated 2 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Dec 31, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.☆58Dec 17, 2024Updated last year
- ☆113Aug 5, 2020Updated 5 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- A tool to interact with Kerberos to request, forge and convert various types of tickets in an Active Directory environment.☆67Jun 10, 2025Updated 10 months ago
- C# version of MDSec's ParallelSyscalls☆143Jan 9, 2022Updated 4 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- Shellcode runner in Rust☆34Oct 30, 2020Updated 5 years ago
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 6 years ago
- Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…☆19Feb 2, 2024Updated 2 years ago
- Oracle Attacks Tool☆13Aug 9, 2016Updated 9 years ago
- ☆102Mar 18, 2026Updated 3 weeks ago
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Feb 25, 2023Updated 3 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago