A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆43Apr 27, 2020Updated 6 years ago
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆13Jul 30, 2021Updated 4 years ago
- A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.☆42Aug 16, 2022Updated 3 years ago
- forked from frohoff/ysoserial and added my own payloads.☆156Mar 6, 2020Updated 6 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Several XStream gadgets ported from ysoserial☆33Sep 26, 2021Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆17Jun 24, 2021Updated 4 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated 2 years ago
- Its a coff loader ported to go☆20Oct 2, 2022Updated 3 years ago
- POC for NetworkService PrivEsc☆130May 4, 2020Updated 6 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆802Nov 7, 2021Updated 4 years ago
- A PoC for achieving persistence via push notifications on Windows☆48Jun 9, 2023Updated 3 years ago
- ☆37Apr 30, 2020Updated 6 years ago
- Script to extract the cached credentials from SSSD, getting Active Directory credentials from Unix systems☆24Jun 14, 2023Updated 3 years ago
- Ansible role to deploy RedELK server☆19Sep 11, 2023Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Python api for usage with cobalt strike's External C2 specification☆64Nov 6, 2018Updated 7 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆21Jul 27, 2024Updated last year
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- ☆32Dec 28, 2023Updated 2 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Dec 31, 2021Updated 4 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.☆58Dec 17, 2024Updated last year
- ☆113Aug 5, 2020Updated 5 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- A tool to interact with Kerberos to request, forge and convert various types of tickets in an Active Directory environment.☆68Updated this week
- C# version of MDSec's ParallelSyscalls☆143Jan 9, 2022Updated 4 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 4 years ago
- Shellcode runner in Rust☆34Oct 30, 2020Updated 5 years ago
- Small utility package for manipulating Windows process tokens☆24Apr 26, 2022Updated 4 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 6 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 6 years ago
- Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…☆20Feb 2, 2024Updated 2 years ago
- Oracle Attacks Tool☆13Aug 9, 2016Updated 9 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Feb 25, 2023Updated 3 years ago
- ☆18Feb 29, 2024Updated 2 years ago