frohoff / ysoserialLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆8,530Updated last year
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- ☆3,602Updated 8 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,138Updated 2 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,037Updated last year
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,478Updated 5 years ago
- Deserialization payload generator for a variety of .NET formatters☆3,559Updated 9 months ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,206Updated 2 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,604Updated last week
- Web application fuzzer☆6,297Updated last year
- Linux privilege escalation auditing tool☆6,196Updated last year
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,902Updated 3 weeks ago
- pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.☆3,777Updated 7 months ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆3,114Updated 7 months ago
- windows-kernel-exploits Windows平台提权漏洞集合☆8,462Updated 4 years ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,697Updated last year
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,852Updated 4 years ago
- Monitor linux processes without root permissions☆5,673Updated 2 years ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,117Updated 2 years ago
- List of Awesome CobaltStrike Resources☆4,278Updated 2 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,346Updated last month
- Windows Exploit Suggester - Next Generation☆4,630Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,115Updated 5 months ago
- Web path scanner☆13,497Updated 2 weeks ago
- HTTP parameter discovery suite.☆5,873Updated 7 months ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,670Updated 10 months ago
- Rip web accessible (distributed) version control systems: SVN/GIT/HG...☆1,763Updated last year
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,306Updated this week
- Next generation web scanner☆6,108Updated this week
- Webshell && Backdoor Collection☆1,940Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,436Updated 11 months ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆1,388Updated 4 years ago