Padding oracle attack against PKCS7
☆334Oct 5, 2022Updated 3 years ago
Alternatives and similar repositories for Padding-oracle-attack
Users that are interested in Padding-oracle-attack are comparing it to the libraries listed below
Sorting:
- Automated script for performing Padding Oracle attacks☆807Jul 13, 2024Updated last year
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- 🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.☆215Feb 3, 2023Updated 3 years ago
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 9 years ago
- A portable, padding oracle exploit API☆332Dec 1, 2022Updated 3 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Dec 30, 2018Updated 7 years ago
- some java code i met or i used☆29May 7, 2019Updated 6 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- ☆10Aug 13, 2015Updated 10 years ago
- Multi-language web CGI interfaces exploits.☆399Aug 22, 2022Updated 3 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- procfs-based PHP sandbox bypass☆133Sep 19, 2018Updated 7 years ago
- Burp Suite AMF Extension☆48Sep 24, 2018Updated 7 years ago
- The legacy Exploit Database paper repository - New repo located at https://gitlab.com/exploit-database/exploitdb-papers☆459Nov 10, 2022Updated 3 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- ☆92Jan 17, 2019Updated 7 years ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆221Feb 19, 2026Updated 2 weeks ago
- Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens.☆10Nov 30, 2018Updated 7 years ago
- ☆30Sep 13, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,079Jun 15, 2021Updated 4 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆799Nov 7, 2021Updated 4 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Jan 9, 2018Updated 8 years ago
- Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"☆11Apr 1, 2020Updated 5 years ago
- A fastjson payload generator☆59Oct 13, 2020Updated 5 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Oct 31, 2019Updated 6 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告☆107Dec 13, 2017Updated 8 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Updated version of SWFIntruder☆27Aug 16, 2016Updated 9 years ago
- Java Object Deserialization on Android☆86Apr 11, 2019Updated 6 years ago