omerlh / insecure-deserialisation-net-poc
A small webserver vulnerable to insecure deserialization
☆20Updated 6 years ago
Related projects: ⓘ
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- cve-2014-0130 rails directory traversal vuln☆18Updated 7 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Updated 3 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Updated 7 years ago
- ☆35Updated 4 years ago
- A simple grep user interface for searching code which can be used for SAST.☆8Updated 5 years ago
- WStalker: an easy proxy☆25Updated 4 years ago
- Check for .net padding oracle patch☆19Updated 5 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆22Updated 7 years ago
- Burp Suite Professional extension in Java for Tabnabbing attack☆13Updated 6 years ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆42Updated 7 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Updated 9 years ago
- A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.☆42Updated 5 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible☆31Updated 4 months ago
- A tool to analyse JMX API security level.☆43Updated 10 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆42Updated 7 years ago
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆47Updated 5 years ago
- OWASP Skanda - SSRF Exploitation Framework☆36Updated 11 years ago
- Extension adds a new tab in Burp Suite called Extractor☆42Updated 5 years ago
- ☆13Updated 8 years ago
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆13Updated 5 years ago
- A Pythonic wrapper to MassDNS☆23Updated 6 years ago
- Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…☆20Updated 7 months ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Updated 11 years ago
- .NET Deserialization Passive Scanner☆45Updated 6 years ago
- My python3 implementation of a Forward Shell☆35Updated 5 years ago
- ☆21Updated 8 years ago
- Abusing SketchUp to make persistence on Windows☆19Updated 5 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago