mandiant / heyserial
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
☆141Updated last year
Alternatives and similar repositories for heyserial:
Users that are interested in heyserial are comparing it to the libraries listed below
- This script is a multi-threaded Okta password sprayer.☆70Updated last year
- Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.☆128Updated 8 months ago
- ☆147Updated 3 years ago
- ☆66Updated 6 years ago
- Find the remote website version based on a git repository☆125Updated 3 years ago
- nse script to inject jndi payloads☆46Updated 3 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆91Updated 2 years ago
- A simple remote scanner for Atlassian Jira☆121Updated 2 years ago
- Lookup for interesting stuff in SMB shares☆149Updated last year
- Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series☆101Updated last year
- HoneyCreds network credential injection to detect responder and other network poisoners.☆216Updated 3 years ago
- Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task of managing different APTs and othe…☆176Updated 2 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated 5 months ago
- Mindmaps allow to organize and understand information faster and better.☆2Updated 3 years ago
- Determine the running software version of a remote F5 BIG-IP management interface.☆66Updated last year
- Posts about different topics☆36Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆75Updated 2 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆31Updated 3 years ago
- Static code analysis tool based on Elasticsearch☆129Updated 4 years ago
- Enumerate AD through LDAP with a collection of helpfull scripts being bundled☆143Updated last week
- A list of "secrets" from JWT sample code and readme files.☆54Updated 4 years ago
- Custom scripts for the PIPER Burp extensions.☆97Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆59Updated 2 years ago
- ☆115Updated 3 years ago
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆108Updated 2 years ago
- ☆69Updated 3 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Tools to assess the DNS security of web applications☆127Updated 2 years ago
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.☆28Updated 2 years ago