omerlh / insecure-deserialisation-net-pocLinks
A small webserver vulnerable to insecure deserialization
☆20Updated 7 years ago
Alternatives and similar repositories for insecure-deserialisation-net-poc
Users that are interested in insecure-deserialisation-net-poc are comparing it to the libraries listed below
Sorting:
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆32Updated 4 years ago
- cve-2014-0130 rails directory traversal vuln☆19Updated 8 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Updated 9 years ago
- OWASP Skanda - SSRF Exploitation Framework☆38Updated 11 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 8 years ago
- Generate pentest reports based on github issues.☆17Updated 2 years ago
- A tool to analyse JMX API security level.☆43Updated 10 years ago
- ☆38Updated 4 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 8 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 6 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Updated 8 years ago
- Burp extension to passively scan for applications revealing software version numbers☆31Updated last year
- Utilities for creating Burp Suite Extensions.☆21Updated 7 months ago
- My IDA scripts, tips and testing techniques for Thick Client applications.☆17Updated 10 years ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆43Updated 8 years ago
- WStalker: an easy proxy☆25Updated 5 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible☆32Updated last year
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆13Updated 6 years ago
- CVE-2017-8570 Exploit☆21Updated 7 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Updated 8 years ago
- Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…☆20Updated last year
- A simple grep user interface for searching code which can be used for SAST.☆8Updated 5 years ago
- A collection of published exploits and proof-of-concept code.☆21Updated 7 years ago
- Scripts that I've written that others may find useful☆14Updated 2 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43Updated 5 years ago
- Scans tcl for command injection☆36Updated 6 years ago
- A relatively flexible tool to parse mimikatz output☆35Updated 8 years ago
- Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.☆57Updated 7 years ago