h3xstream / find-sec-bugs
The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Scala and Groovy projects)
☆21Updated last year
Alternatives and similar repositories for find-sec-bugs:
Users that are interested in find-sec-bugs are comparing it to the libraries listed below
- Tainted PhantomJS☆53Updated 9 years ago
- REST/JSON interface to Burp Suite☆33Updated 4 years ago
- [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to …☆42Updated 6 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆14Updated last year
- A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.☆25Updated 9 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- A collection of vulnerable web applications in Node.js to practice security fundamentals☆13Updated 8 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- JMSDigger is JMS API basedEnterprise Messaging Application assessment tool☆30Updated 10 years ago
- A fuzzing script for MitmProxy☆22Updated 9 years ago
- Viewstate Hidden Control Enumerator☆17Updated 11 years ago
- Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.☆33Updated 9 years ago
- A BurpSuite extension for lair☆28Updated 7 years ago
- A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output☆21Updated 8 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Updated 7 years ago
- DNS Enumeration and Reconnaissance Tool☆37Updated 9 years ago
- Deliberately vulnerable web application☆22Updated 7 years ago
- CTF Wiki - http://ctf.forgottensec.com/wiki/index.php☆45Updated 7 years ago
- ☆50Updated 7 years ago
- An API for consuming all the memory of Java apps using deserialization☆28Updated 9 years ago
- A simple Shellshock scanner in python☆41Updated 10 years ago
- Faraday Continuous Scanning☆33Updated 8 years ago
- Java Deserialization☆26Updated 8 years ago
- ☆79Updated 9 years ago
- ssh key exchange layer for scapy☆13Updated 10 years ago
- ☆13Updated 14 years ago
- ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461☆48Updated 10 years ago
- Wraps sudo; transparently steals user's credentials. For those annoying times when you get a shell/file write on a sudoers account and ne…☆35Updated 4 months ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆56Updated 8 years ago