frohoff / ysoserialLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆8,554Updated last year
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- ☆3,605Updated 9 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,136Updated 2 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,047Updated last year
- Linux privilege escalation auditing tool☆6,213Updated last year
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,213Updated 2 years ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,708Updated last year
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,480Updated 5 years ago
- Web application fuzzer☆6,310Updated last year
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,335Updated this week
- Deserialization payload generator for a variety of .NET formatters☆3,563Updated 9 months ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆3,118Updated 7 months ago
- windows-kernel-exploits Windows平台提权漏洞集合☆8,468Updated 4 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,613Updated 3 weeks ago
- Monitor linux processes without root permissions☆5,715Updated 2 years ago
- pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.☆3,782Updated 7 months ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,132Updated 2 years ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,931Updated last month
- Automatic SSRF fuzzer and exploitation tool☆3,355Updated last month
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,637Updated 2 years ago
- A swiss army knife for pentesting networks☆8,943Updated last year
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,140Updated 5 months ago
- HTTP parameter discovery suite.☆5,899Updated 8 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,852Updated 4 years ago
- Web path scanner☆13,538Updated 3 weeks ago
- A Tool for Domain Flyovers☆5,862Updated 3 years ago
- Windows Exploit Suggester - Next Generation☆4,643Updated last week
- Weaponized web shell☆3,392Updated 2 weeks ago
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,489Updated this week
- An OOB interaction gathering server and client library☆3,992Updated this week
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,487Updated last week