lunasec-io / Spring4Shell-POC

Related projects ⓘ

Alternatives and complementary repositories for Spring4Shell-POC

• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆198Updated 4 months ago
• httpvoid / CVE-Reverse
  ☆278Updated 3 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 2 weeks ago
• dbrwsky / Nuclei-BurpExtension
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆117Updated last year
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆162Updated 3 years ago
• hackvertor / hackvertor
  ☆170Updated last week
• BobTheShoplifter / Spring4Shell-POC
  Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
  ☆360Updated 2 years ago
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆121Updated last year
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆137Updated last year
• 0xmoot / s3sec
  Check AWS S3 instances for read/write/delete access
  ☆121Updated 2 years ago
• alt3kx / CVE-2022-22965
  Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
  ☆101Updated 2 years ago
• agrawalsmart7 / scodescanner
  SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.
  ☆159Updated last year
• laluka / jolokia-exploitation-toolkit
  jolokia-exploitation-toolkit
  ☆278Updated 7 months ago
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆194Updated 2 weeks ago
• PortSwigger / auth-analyzer
  ☆71Updated 6 months ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆392Updated last month
• karthikuj / cve-2022-42889-text4shell-docker
  Dockerized POC for CVE-2022-42889 Text4Shell
  ☆75Updated last year
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• woodpecker-appstore / log4j-payload-generator
  Log4j jndi injects the Payload generator
  ☆489Updated 2 years ago
• PortSwigger / pentest-mapper
  A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
  ☆116Updated 11 months ago
• PortSwigger / auth-matrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆40Updated last year
• PortSwigger / portable-data-exfiltration
  This repo contains all the injections mentioned in my talk and enumerators.
  ☆120Updated 11 months ago
• d3k4z / burp-copy-as-ffuf
  Burp Extension that copies a request and builds a FFUF skeleton
  ☆107Updated last year
• sherlocksecurity / VMware-CVE-2022-22954
  POC for VMWARE CVE-2022-22954
  ☆280Updated 2 years ago
• SecuraBV / jws2pubkey
  jws2pubkey tool
  ☆37Updated 5 months ago
• PortSwigger / active-scan-plus-plus
  ActiveScan++ Burp Suite Plugin
  ☆208Updated 11 months ago
• elttam / semgrep-rules
  ☆175Updated last week
• simioni87 / auth_analyzer
  Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
  ☆185Updated 4 months ago
• PortSwigger / js-link-finder
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆162Updated 5 years ago
• veracode-research / spring-view-manipulation
  When MVC magic turns black
  ☆285Updated 4 years ago