mandiant / route-sixty-sink
Link sources to sinks in C# applications.
☆144Updated 2 years ago
Alternatives and similar repositories for route-sixty-sink:
Users that are interested in route-sixty-sink are comparing it to the libraries listed below
- A python script to merge multiple jar files for easier debugging via JD-Eclipse☆61Updated 2 years ago
- A variant analysis and visualisation tool that scans codebases for similar vulnerabilities☆73Updated 2 years ago
- A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications☆63Updated 4 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆107Updated 4 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆88Updated 5 months ago
- Utility for creating ZipSlip archives☆72Updated 2 years ago
- ☆189Updated 5 months ago
- PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)☆124Updated 4 years ago
- Scans for .NET Deserialization Bugs in .NET Assemblies☆78Updated 5 months ago
- Finding Java gadget chains with CodeQL☆169Updated 3 months ago
- Source Code Management Attack Toolkit☆215Updated 2 years ago
- Proof-of-concept code for various bugs☆109Updated 5 months ago
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆57Updated last year
- ☆281Updated 3 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 6 months ago
- Recurrent Neural Network SubDomain Discovery Tool☆95Updated 2 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 years ago
- PHP binary bugs advisory☆179Updated 2 years ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆58Updated 10 months ago
- ☆164Updated 3 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆142Updated last year
- Repository to store exploits created by Assetnotes Security Research team☆177Updated last year
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- jws2pubkey tool☆38Updated 10 months ago
- A malicious LDAP server for JNDI injection attacks☆74Updated 5 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆88Updated last year
- ☆148Updated 3 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆353Updated 3 years ago
- Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)☆174Updated 4 years ago