pwntester / ysoserialLinks
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆36Updated 9 years ago
Alternatives and similar repositories for ysoserial
Users that are interested in ysoserial are comparing it to the libraries listed below
Sorting:
- A collection of tools that I use in CTF's or for assessments☆107Updated last year
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆127Updated last month
- ☆76Updated last year
- An MCP Server for Pwndoc (Pentesting Reporting Tool)☆37Updated 2 weeks ago
- A Burp extension to help pentesters copy requests / responses for reports.☆51Updated 7 months ago
- A small executable to trick a user to authenticate using code matching MFA☆69Updated 2 years ago
- Vast.ai Password Kracking☆92Updated 3 months ago
- Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)☆67Updated last year
- A Slack bot phishing framework for Red Teaming exercises☆166Updated last year
- Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.☆75Updated last year
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…☆49Updated 7 months ago
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆67Updated 2 years ago
- Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.☆72Updated last week
- Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges☆27Updated last year
- Cross platform (Linux / Windows) shellcode packer for CTFs and pentest / red team exams aiming for AV evasion !☆108Updated last week
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆113Updated 2 years ago
- A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.☆76Updated 10 months ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆61Updated last year
- Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking☆150Updated last year
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Updated 10 months ago
- Automates the network enumeration process in a fire-and-forget manner, among many more powerful functions. Zero effort, zero error networ…☆67Updated last month
- Basic brute-force script targeting the standard Keycloak Admin/User Console browser login flow.☆25Updated 10 months ago
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆54Updated 11 months ago
- Automate converting webshells into reverse shells.☆72Updated 3 weeks ago
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆131Updated 10 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆60Updated 2 years ago
- Everything and anything related to password spraying☆151Updated last year
- LDAP Enumeration Tool for Pentesters☆48Updated 9 months ago
- A real fake social engineering app☆130Updated 6 months ago
- SOAPI - The OpenAPI Documentation Scanner☆39Updated 11 months ago