☆76May 22, 2017Updated 8 years ago
Alternatives and similar repositories for marshalsec
Users that are interested in marshalsec are comparing it to the libraries listed below
Sorting:
- Plattform to develop and experiment with existing java web attacks.☆31Jan 8, 2018Updated 8 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,171May 26, 2023Updated 2 years ago
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Dec 8, 2025Updated 3 months ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,776Dec 4, 2025Updated 3 months ago
- YSOSERIAL Integration with burp suite☆165Dec 16, 2022Updated 3 years ago
- A static byte code analyzer for Java deserialization gadget research☆251Apr 17, 2017Updated 8 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- ☆27Mar 6, 2021Updated 5 years ago
- ☆12Nov 15, 2021Updated 4 years ago
- ☆3,660Jan 9, 2025Updated last year
- Deserialization payload generator for a variety of .NET formatters☆3,682Dec 23, 2024Updated last year
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆53Aug 5, 2013Updated 12 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆110May 12, 2016Updated 9 years ago
- Web access logs analyzer - provides an insight on how remote hosts behave☆15Sep 13, 2021Updated 4 years ago
- ☆21Aug 7, 2014Updated 11 years ago
- DursVuln - Nmap Scripting Engine (NSE)☆21Jul 16, 2025Updated 7 months ago
- Repository for the SecurityTube Linux Assembly Expert Certification☆10Oct 11, 2017Updated 8 years ago
- ☆16Oct 30, 2022Updated 3 years ago
- Collection of things made during my SLAE 32-bit journey☆14Feb 24, 2022Updated 4 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Jan 9, 2018Updated 8 years ago
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆18Mar 3, 2021Updated 5 years ago
- CTF write-ups from the VulnHub CTF Team☆10Mar 23, 2018Updated 7 years ago
- Weblogic Unrestricted File Upload☆54Apr 17, 2019Updated 6 years ago
- A collection of pentest tools and resources targeting Hadoop environments☆35Mar 2, 2017Updated 9 years ago
- A script to bring up PPPoE sessions using Python and scapy☆18Jun 18, 2015Updated 10 years ago
- Burp suite Certificate modification tool☆18Apr 23, 2023Updated 2 years ago
- Exploit for Jenkins serialization vulnerability - CVE-2016-0792☆49Aug 2, 2017Updated 8 years ago
- Java Object Deserialization on Android☆86Apr 11, 2019Updated 6 years ago
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,515Jan 21, 2020Updated 6 years ago
- ☆21Aug 31, 2025Updated 6 months ago
- Simple socket-based gateway to the Burp Collaborator☆34Nov 23, 2016Updated 9 years ago
- ☆35Dec 5, 2025Updated 3 months ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- Apache Tomcat Remote Code Execution on Windows☆189Nov 27, 2019Updated 6 years ago
- ☆20Oct 7, 2013Updated 12 years ago
- DLT-Security-Framework☆17Feb 26, 2026Updated last week
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 9 years ago
- Bug Bounty Clipboard☆17Nov 6, 2019Updated 6 years ago
- Audits AD hashdump and looks for instances for password reuse☆12Nov 12, 2019Updated 6 years ago