githubsatelliteworkshops / codeql

Related projects ⓘ

Alternatives and complementary repositories for codeql

• veracode-research / spring-view-manipulation
  When MVC magic turns black
  ☆286Updated 4 years ago
• cldrn / codeql-queries
  My CodeQL queries collection
  ☆94Updated last year
• ZeddYu / HTTP-Smuggling-Lab
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆344Updated 2 years ago
• advanced-security / codeql-queries
  [Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instea…
  ☆80Updated 6 months ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆241Updated 7 years ago
• GitHubSecurityLab / CodeQL-Community-Packs
  Collection of community-driven CodeQL query, library and extension packs
  ☆74Updated last week
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆109Updated 11 months ago
• Marcono1234 / codeql-java-queries
  Personal CodeQL queries
  ☆58Updated last week
• advanced-security / custom-codeql-bundle
  An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…
  ☆25Updated 2 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 4 years ago
• pwntester / codeql_grehack_workshop
  GreHack 2021 CodeQL for Java workshop
  ☆75Updated 3 years ago
• bahruzjabiyev / t-reqs
  Grammar-based HTTP/1 fuzzer with mutation ability
  ☆243Updated 3 weeks ago
• xiaofen9 / Lynx
  A Node.js vulnerability finding tool.
  ☆95Updated 4 years ago
• voidfyoo / rwctf-2021-old-system
  ☆78Updated 3 years ago
• elttam / semgrep-rules
  ☆175Updated 2 weeks ago
• veracode-research / actuator-testbed
  A vulnerable application exposing Spring Boot Actuators
  ☆122Updated 5 years ago
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆42Updated 2 years ago
• zbazztian / codeql-debug
  ☆70Updated 2 years ago
• mogwailabs / rmi-deserialization
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Updated 5 years ago
• github / codeql-dubbo-workshop
  ☆58Updated last year
• SaneBow / redirect-fuzzer
  Fuzzing script for redirect URL validator
  ☆48Updated 4 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• KTH-LangSec / SerialDetector
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆62Updated 3 years ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆56Updated 10 months ago
• githubuniverseworkshops / codeql
  CodeQL workshops for GitHub Universe
  ☆91Updated 2 years ago
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆121Updated last year
• Barro / java-afl
  Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
  ☆88Updated 6 years ago
• whitesquirrell / C0deVari4nt
  A variant analysis and visualisation tool that scans codebases for similar vulnerabilities
  ☆69Updated 2 years ago
• synacktiv / QLinspector
  Finding Java gadget chains with CodeQL
  ☆159Updated 3 months ago
• PortSwigger / json-web-token-attacker
  ☆107Updated 2 years ago