Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
☆53Aug 5, 2013Updated 12 years ago
Alternatives and similar repositories for DefCon_RESTing
Users that are interested in DefCon_RESTing are comparing it to the libraries listed below
Sorting:
- [WIP] a simple UI for Vulhub☆16Jun 10, 2021Updated 4 years ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆44Dec 17, 2023Updated 2 years ago
- cve-2014-0130 rails directory traversal vuln☆19May 15, 2017Updated 8 years ago
- Another plugin for CRLF vulnerability detection☆25Jan 25, 2017Updated 9 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 8 years ago
- Confluence Widget Connector path traversal (CVE-2019-3396)☆22Oct 4, 2019Updated 6 years ago
- A collection of published exploits and proof-of-concept code.☆21Dec 19, 2017Updated 8 years ago
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆18Mar 3, 2021Updated 4 years ago
- Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告☆107Dec 13, 2017Updated 8 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- ☆27Mar 6, 2021Updated 4 years ago
- Deprecated: Please visit https://github.com/github/codeql instead.☆82Apr 8, 2022Updated 3 years ago
- spring mvc cve-2014-3625☆32Mar 11, 2016Updated 9 years ago
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- Experimental Java agent to stomp on things.☆15Feb 10, 2019Updated 7 years ago
- POC for XStream RCE☆13Dec 23, 2013Updated 12 years ago
- Java Deserialization☆27Oct 21, 2016Updated 9 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆110May 12, 2016Updated 9 years ago
- Jira Information Gatherer☆29Dec 3, 2017Updated 8 years ago
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 9 years ago
- ☆85Dec 6, 2019Updated 6 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- when pass change ,send the pass to remote host☆20Jan 19, 2020Updated 6 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆386Apr 16, 2022Updated 3 years ago
- Study about HQL injection exploitation.☆51May 15, 2016Updated 9 years ago
- ☆35Dec 5, 2025Updated 2 months ago
- PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM☆52Mar 14, 2018Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆297Jun 10, 2019Updated 6 years ago
- Mogwai Java Management Extensions (JMX) Exploitation Toolkit☆174Jul 21, 2016Updated 9 years ago
- Java Message Exploitation Tool☆511Jul 6, 2022Updated 3 years ago
- A static analysis API for finding deserialization attack gadgets☆38Nov 7, 2022Updated 3 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- WebLogic Exploit☆143Jul 13, 2018Updated 7 years ago
- CVE-2020-1958 PoC☆22Apr 11, 2020Updated 5 years ago
- Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).☆520Mar 11, 2022Updated 3 years ago
- Weblogic-CVE-2018-3191远程代码命令执行漏洞☆68Oct 24, 2018Updated 7 years ago
- A custom web vulnerability scanner☆28Nov 17, 2018Updated 7 years ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago