polyhedraltech / SecurityTesting

Related projects: ⓘ

• neraliu / tainted-phantomjs
  Tainted PhantomJS
  ☆53Updated 9 years ago
• omarkurt / cve-2014-0130
  cve-2014-0130 rails directory traversal vuln
  ☆18Updated 7 years ago
• DirectDefense-zz / SuperSerial-Active
  ☆42Updated this week
• webr0ck / WAF_Bypass_Helper
  ☆35Updated this week
• GrrrDog / ZeroNights-WebVillage-2017
  ☆70Updated 6 years ago
• Gifts / XXE-OOB-Exploitation-Toolset-for-Automation
  XXE OOB Exploitation Toolset for Automation
  ☆63Updated 10 years ago
• ssexxe / XXEBugFind
  A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
  ☆72Updated 10 years ago
• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆39Updated 8 years ago
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 5 years ago
• viyatb / horus
  ☆17Updated this week
• iriusrisk / RopeyTasks
  Deliberately vulnerable web application
  ☆22Updated 7 years ago
• immunio / apache-struts2-CVE-2017-5638
  Demo Application and Exploit
  ☆35Updated 7 years ago
• cyberpunkych / attacking_mongodb
  Files from Zeronights presentation.
  ☆28Updated 11 years ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 7 years ago
• gursev / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆45Updated 11 years ago
• augustd / burp-suite-software-version-checks
  Burp extension to passively scan for applications revealing software version numbers
  ☆30Updated 3 months ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 8 years ago
• v-egoshin / WindowsUploadToolkit
  PHDAYS |||
  ☆17Updated 11 years ago
• aur3lius-dev / SpyDir
  BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
  ☆22Updated 6 years ago
• SeanHeelan / funserialize
  Scripts and auxiliary files for fuzzing PHP's unserialize function
  ☆43Updated 7 years ago
• 0ang3el / Hibernate-Injection-Study
  Study about HQL injection exploitation.
  ☆48Updated 8 years ago
• Charliedean / PsexecSpray
  Spray SMB with hashes, Then psexec
  ☆32Updated 5 years ago
• aurainfosec / burp-multi-browser-highlighting
  Highlight Burp proxy requests made by different browsers
  ☆30Updated 7 years ago
• jackmasa / HTMLFuzzer
  ☆28Updated this week
• irsl / struts-any-results
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Updated 5 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 7 years ago
• h3xstream / burp-image-metadata
  Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
  ☆13Updated last year
• avicoder / Hackerone
  Hackerone disclosed report URL Aggregator
  ☆29Updated 5 years ago
• GDSSecurity / JSSE_Fortify_SCA_Rules
  Custom Fortify SCA rules to detect common JSSE certification validation flaws
  ☆11Updated 8 years ago
• hatRiot / rpcshell
  Axis2 RPC Shell
  ☆15Updated 9 years ago