frohoff / ysoserialLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆8,302Updated last year
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- ☆3,546Updated 5 months ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,108Updated 2 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,116Updated 2 years ago
- windows-kernel-exploits Windows平台提权漏洞集合☆8,362Updated 4 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,961Updated last year
- JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool☆2,468Updated 5 years ago
- Linux privilege escalation auditing tool☆6,018Updated last year
- Deserialization payload generator for a variety of .NET formatters☆3,453Updated 6 months ago
- The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.☆3,099Updated 3 months ago
- linux-kernel-exploits Linux平台提权漏洞集合☆5,443Updated 4 years ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,080Updated 2 years ago
- ✍️ A curated list of CVE PoCs.☆3,414Updated 3 years ago
- pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.☆3,734Updated 4 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,236Updated 4 months ago
- Web application fuzzer☆6,204Updated 10 months ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,723Updated 6 months ago
- Windows Exploit Suggester - Next Generation☆4,497Updated this week
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,510Updated 2 months ago
- Monitor linux processes without root permissions☆5,511Updated 2 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,427Updated last year
- Automated NoSQL database enumeration and web application exploitation tool.☆3,093Updated 3 weeks ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,817Updated 3 years ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,934Updated 2 months ago
- List of Awesome CobaltStrike Resources☆4,192Updated last year
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,339Updated 8 months ago
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆7,036Updated this week
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,720Updated 2 years ago
- A swiss army knife for pentesting networks☆8,794Updated last year
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,318Updated this week
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,252Updated 3 months ago