Alternatives and similar repositories for find-sec-bugs-demos

Users that are interested in find-sec-bugs-demos are comparing it to the libraries listed below

• CSPF-Founder / VulnerableSpring
  Vulnerable Java based Web Application
  ☆31Updated 5 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• tothi / ctfs
  some example ctf writeups
  ☆27Updated 4 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆123Updated 7 years ago
• khai-tran / BurpJDSer
  ☆23Updated 10 years ago
• iriusrisk / RopeyTasks
  Deliberately vulnerable web application
  ☆22Updated 7 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 8 years ago
• pwntester / XStreamServer
  RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
  ☆20Updated 11 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆51Updated 9 years ago
• h3xstream / burp-image-metadata
  Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
  ☆14Updated 2 years ago
• dnet / burp-oauth
  OAuth plugin for Burp Suite Extender
  ☆42Updated 6 years ago
• OpenSecurityResearch / jmsdigger
  JMSDigger is JMS API basedEnterprise Messaging Application assessment tool
  ☆30Updated 10 years ago
• federicodotta / BurpJDSer-ng-edited
  Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…
  ☆20Updated last year
• yolosec / deserialize-server
  Demo server for testing Java deserialization payloads
  ☆15Updated 8 years ago
• augustd / burp-suite-software-version-checks
  Burp extension to passively scan for applications revealing software version numbers
  ☆31Updated last year
• GoSecure / 44con-code-review-workshop
  References, tools and sample payloads
  ☆10Updated 8 years ago
• hvqzao / burp-flow
  Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
  ☆48Updated 4 years ago
• topolik / ois-dos
  Java Deserialization
  ☆26Updated 8 years ago
• yolosec / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆34Updated 8 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆70Updated 7 years ago
• immunio / apache-struts2-CVE-2017-5638
  Demo Application and Exploit
  ☆35Updated 8 years ago
• skepticfx / damnvulnerable.me
  A deliberately vulnerable modern day app with lots of DOM related bugs
  ☆35Updated 6 years ago
• PortSwigger / detect-dynamic-js
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆13Updated 6 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated last month
• anandtiwarics / python-burp-rest-api
  Python Package for burprestapi
  ☆16Updated 5 years ago
• PortSwigger / replicator
  Burp extension to help developers replicate findings from pen tests
  ☆70Updated 10 months ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆66Updated last year
• redtimmy / OAMBuster
  Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)
  ☆25Updated 5 years ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆24Updated 2 years ago
• syriusbughunt / CVE-2018-14667
  All about CVE-2018-14667; From what it is to how to successfully exploit it.
  ☆50Updated 6 years ago