Vulnerable webapp testbed
☆24May 11, 2016Updated 9 years ago
Alternatives and similar repositories for java-deserialize-webapp
Users that are interested in java-deserialize-webapp are comparing it to the libraries listed below
Sorting:
- Java deserialization exploitation lab.☆237Mar 1, 2019Updated 7 years ago
- A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.☆24Jul 10, 2019Updated 6 years ago
- Telegram cli tool for bot notifications☆17Feb 24, 2021Updated 5 years ago
- Advanced Recon Tool☆26Aug 24, 2020Updated 5 years ago
- ☆16Apr 14, 2020Updated 5 years ago
- ☆17Sep 2, 2021Updated 4 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Dec 24, 2013Updated 12 years ago
- S2-057 poc test☆13Aug 31, 2018Updated 7 years ago
- Repo for OSWE related video content for @SecAura Youtube Channel☆37Feb 21, 2022Updated 4 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 8 years ago
- ☆17May 20, 2021Updated 4 years ago
- Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"☆11Apr 1, 2020Updated 5 years ago
- ☆17Oct 25, 2018Updated 7 years ago
- ☆11Apr 22, 2022Updated 3 years ago
- Notes Template/Checklist for PEN-300 OSEP☆16Nov 20, 2021Updated 4 years ago
- Plattform to develop and experiment with existing java web attacks.☆31Jan 8, 2018Updated 8 years ago
- Demo server for testing Java deserialization payloads☆15Sep 18, 2016Updated 9 years ago
- SolarWinds Orion Platform ActionPluginBaseView 反序列化RCE☆47Oct 23, 2021Updated 4 years ago
- CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE☆63Jun 1, 2023Updated 2 years ago
- A repository of wordlists for enumeration. Will be added to by my tools when they find interesting new entries☆23Jan 21, 2021Updated 5 years ago
- Deprecated: Please visit https://github.com/github/codeql instead.☆82Apr 8, 2022Updated 3 years ago
- get the http allowed methods for URLs list☆13Feb 22, 2021Updated 5 years ago
- Java serialization brute force attack tool.☆123Aug 18, 2017Updated 8 years ago
- S2-061 CVE-2020-17530☆29Dec 22, 2020Updated 5 years ago
- Zone transfers for rwhois☆20Feb 27, 2019Updated 7 years ago
- ☆15Sep 11, 2020Updated 5 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆16Feb 13, 2017Updated 9 years ago
- XXE techniques☆14Oct 10, 2021Updated 4 years ago
- DLL injection with Microsoft detours☆22Dec 9, 2025Updated 3 months ago
- ☆16Jul 7, 2020Updated 5 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- DLL hijacking vulnerability scanner and PE infector tool☆20Sep 8, 2017Updated 8 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Mar 2, 2020Updated 6 years ago
- Exploit for Microsoft SharePoint 2019☆13Dec 28, 2023Updated 2 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Jan 9, 2018Updated 8 years ago
- Plugin based information gathering library�☆28May 4, 2023Updated 2 years ago
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆107Jun 27, 2024Updated last year
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- Tool that automates Active Directory enumeration☆88Apr 24, 2021Updated 4 years ago