A portable, padding oracle exploit API
☆332Dec 1, 2022Updated 3 years ago
Alternatives and similar repositories for python-paddingoracle
Users that are interested in python-paddingoracle are comparing it to the libraries listed below
Sorting:
- Automated script for performing Padding Oracle attacks☆809Jul 13, 2024Updated last year
- ☆23Nov 18, 2015Updated 10 years ago
- ☆92Jan 17, 2019Updated 7 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago
- A python-based padding oracle tool☆20Updated this week
- Padding oracle attack against PKCS7☆334Oct 5, 2022Updated 3 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- discuz-plugin-scan☆21Sep 23, 2015Updated 10 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆801Nov 7, 2021Updated 4 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,172May 26, 2023Updated 2 years ago
- Improving side channel analysis techniques for CTF problems.☆12Oct 25, 2020Updated 5 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,125Apr 21, 2024Updated last year
- Shiro RCE (Padding Oracle Attack)☆148Nov 15, 2019Updated 6 years ago
- ☆13Aug 18, 2016Updated 9 years ago
- PowerShell Scripts I find useful☆776May 18, 2016Updated 9 years ago
- SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.☆480Jan 1, 2018Updated 8 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆42Jan 22, 2016Updated 10 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆221Updated this week
- 🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.☆216Feb 3, 2023Updated 3 years ago
- ☆502Mar 10, 2016Updated 10 years ago
- An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction☆1,118Dec 2, 2021Updated 4 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.☆1,656May 25, 2024Updated last year
- ☆133Nov 6, 2015Updated 10 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- ☆35Aug 29, 2012Updated 13 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116May 17, 2019Updated 6 years ago
- Fast threaded padding oracle attack automation script for Python 3.☆38Nov 25, 2023Updated 2 years ago
- SHELLING - a comprehensive OS command injection payload generator☆447Mar 16, 2020Updated 6 years ago
- Build a database of libc offsets to simplify exploitation☆1,855Oct 23, 2024Updated last year
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,721Dec 1, 2024Updated last year
- ☆3,661Jan 9, 2025Updated last year
- A tool for embedding XXE/XML exploits into different filetypes☆1,135Dec 16, 2024Updated last year