RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
☆20Dec 24, 2013Updated 12 years ago
Alternatives and similar repositories for XStreamServer
Users that are interested in XStreamServer are comparing it to the libraries listed below
Sorting:
- This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…☆14Oct 1, 2016Updated 9 years ago
- Conference Papers and Appendicies (USENIX Security, BlackHat, HITBSecConf, and BeVX)☆27Aug 6, 2023Updated 2 years ago
- Journey to conquer the OSCP!☆13Apr 18, 2019Updated 6 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)☆13May 2, 2019Updated 6 years ago
- Viewstate Hidden Control Enumerator☆17Sep 12, 2013Updated 12 years ago
- A PoC that shows that Web Vulnerabilities can indeed be interesting☆20Mar 27, 2018Updated 7 years ago
- Run DependencyCheck Against Your Orgs GitHub Repos.☆14Jan 5, 2018Updated 8 years ago
- DNS over HTTPS Servers☆13Nov 19, 2018Updated 7 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Jun 29, 2015Updated 10 years ago
- All the content from my Troopers 19 talk☆12Mar 20, 2019Updated 6 years ago
- X41 BeanStack - Stack Trace Fingerprinting BETA☆52Dec 3, 2025Updated 2 months ago
- intentionally vulnerable API☆30Sep 10, 2024Updated last year
- ZigBee hacking tools and scripts☆14Mar 25, 2018Updated 7 years ago
- ☆13Nov 1, 2017Updated 8 years ago
- An offensive bash script which tries to find GENERIC privesc vulnerabilities and issues.☆13Oct 17, 2017Updated 8 years ago
- Exploit for Jenkins serialization vulnerability - CVE-2016-0792☆49Aug 2, 2017Updated 8 years ago
- ☆28Oct 16, 2017Updated 8 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- ☆26Dec 8, 2025Updated 2 months ago
- crypto currency api arbitrage☆18Apr 28, 2019Updated 6 years ago
- Demo server for testing Java deserialization payloads☆15Sep 18, 2016Updated 9 years ago
- ☆16Jul 7, 2020Updated 5 years ago
- Improved decoder for Burp Suite☆138Aug 30, 2021Updated 4 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- Tools to gather subdomains from Bug Bounty programs☆65Mar 29, 2018Updated 7 years ago
- DoS PoC's for SAP products☆51Jan 23, 2018Updated 8 years ago
- S2-055的环境,基于rest-show-case改造☆37Dec 7, 2017Updated 8 years ago
- Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.☆35Mar 2, 2020Updated 5 years ago
- Ansible module for OWASP ZAP using Python API to scan web targets for security issues☆15Dec 3, 2017Updated 8 years ago
- Demo of a webapp with flawed security, for training purposes☆20Apr 10, 2023Updated 2 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- spring mvc cve-2014-3625☆32Mar 11, 2016Updated 9 years ago
- POC for CVE-2018-15685☆42Aug 24, 2018Updated 7 years ago
- Tools for analysing the forward DNS data set published at https://scans.io/study/sonar.fdns_v2☆17Sep 17, 2017Updated 8 years ago
- Dockerised Version of Frida☆21May 10, 2023Updated 2 years ago
- Write Up I write for different CTFs☆12Nov 20, 2017Updated 8 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications☆72Sep 4, 2014Updated 11 years ago
- Summary and archives of leaked Vietnam TLD DNS data☆46Sep 4, 2017Updated 8 years ago