mandiant / heyserial
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
☆136Updated last year
Related projects: ⓘ
- Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.☆118Updated 2 months ago
- This script is a multi-threaded Okta password sprayer.☆66Updated 8 months ago
- ☆145Updated 2 years ago
- A simple remote scanner for Atlassian Jira☆117Updated last year
- nse script to inject jndi payloads☆45Updated 2 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆90Updated last year
- A Burp Suite Extension for parsing Project Files from the CLI.☆82Updated last year
- ☆111Updated 3 years ago
- Mindmaps allow to organize and understand information faster and better.☆2Updated 2 years ago
- Lookup for interesting stuff in SMB shares☆147Updated last year
- Custom scripts for the PIPER Burp extensions.☆97Updated 11 months ago
- OSCP guide and Red Team assessment Guide☆33Updated 4 years ago
- Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task of managing different APTs and othe…☆174Updated last year
- ☆62Updated 5 years ago
- Static code analysis tool based on Elasticsearch☆129Updated 3 years ago
- Find the remote website version based on a git repository☆122Updated 3 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆74Updated 2 years ago
- Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series☆96Updated 8 months ago
- Tools to assess the DNS security of web applications☆125Updated last year
- A list of "secrets" from JWT sample code and readme files.☆51Updated 3 years ago
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆103Updated last year
- Determine the running software version of a remote F5 BIG-IP management interface.☆60Updated 8 months ago
- ☆68Updated 2 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆32Updated 2 years ago
- Vulnerability☆28Updated 3 weeks ago
- A compilation of network scanning strategies to find vulnerable devices☆71Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated last year
- ☆90Updated this week
- ☆90Updated 2 years ago
- ☆108Updated last year