federicodotta / ysoserialLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆43Updated 5 years ago
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- Python3 tool to perform password spraying against Microsoft Online service using various methods☆87Updated 2 years ago
- This code was used for the blogpost on secjuice.☆42Updated 6 years ago
- Checks for signature requirements over LDAP☆97Updated 2 years ago
- ☆90Updated 4 months ago
- Use normal web pentest tools to hack Websockets☆18Updated 5 years ago
- A sort of simple shell which support multiple protocols.☆99Updated 5 years ago
- ☆45Updated 8 years ago
- This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.☆25Updated 5 years ago
- Exchangelib wrapper for pentesting☆64Updated 4 months ago
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 3 years ago
- A list of "secrets" from JWT sample code and readme files.☆55Updated 4 years ago
- Powershell module to get the NetNTLMv2 hash of the current user☆94Updated 2 years ago
- Example Vulnerable .NET HTTP Remoting☆85Updated 6 years ago
- Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/…☆10Updated 6 years ago
- Password Spraying Script detecting current and previous passwords of Active Directory User☆65Updated 3 years ago
- Parse NTLM challenge messages over HTTP and SMB☆149Updated 2 years ago
- ☆50Updated 3 years ago
- Loads a custom dll in system32 via diaghub.☆76Updated 5 years ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 5 years ago
- A tool to password spray Jenkins instances☆57Updated 6 years ago
- ☆41Updated 6 years ago
- Modified version of PEAS client for offensive operations☆41Updated 2 years ago
- ☆17Updated 4 years ago
- Scripts created to help with post exploitation of a Windows host☆97Updated 4 years ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆92Updated last year
- Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments☆124Updated 3 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆54Updated 4 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆23Updated 5 years ago
- A tool for creating proxy dll for hijacking☆42Updated 7 months ago
- Rewriting SIET to python3☆50Updated 8 months ago