qtc-de / beanshooter
JMX enumeration and attacking tool.
☆382Updated 5 months ago
Related projects: ⓘ
- jolokia-exploitation-toolkit☆276Updated 5 months ago
- Java RMI Vulnerability Scanner☆811Updated 2 months ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆173Updated 2 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆110Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆581Updated 3 years ago
- ☆277Updated 2 years ago
- ☆401Updated last year
- ☆393Updated 2 years ago
- IOXIDResolver.py from AirBus Security☆212Updated 10 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆420Updated 2 years ago
- ☆159Updated last month
- Subdomains analysis and generation tool. Reveal the hidden!☆229Updated this week
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆182Updated 3 months ago
- MOGWAI LABS JMX exploitation toolkit☆196Updated last year
- Damn Vulnerable Thick Client App developed in C# .NET☆136Updated last year
- Burp Extensions Api☆136Updated last month
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆185Updated 2 months ago
- Burpsuite plugin for Interact.sh☆197Updated 2 months ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆701Updated 3 years ago
- From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller☆391Updated last year
- Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)☆502Updated 9 months ago
- RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1☆157Updated 3 years ago
- RCE exploit for CVE-2023-3519☆218Updated last year
- Source Code Management Attack Toolkit☆209Updated last year
- Extracts Key Values from .keytab files☆205Updated 4 years ago
- POC for VMWARE CVE-2022-22954☆281Updated 2 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆342Updated 2 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆343Updated 3 weeks ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆775Updated last year
- ☆376Updated 3 years ago