rcseacord / JavaSCR
Secure Coding Rules for Java
☆30Updated last year
Related projects: ⓘ
- Externalize Java application access to protected resources as log messages.☆41Updated 4 months ago
- Repository to showcase various configuration recipes with various technologies☆35Updated last year
- JMSDigger is JMS API basedEnterprise Messaging Application assessment tool☆31Updated 10 years ago
- PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach …☆27Updated last year
- Vulnerable Java based Web Application☆31Updated 5 years ago
- OAuth plugin for Burp Suite Extender☆42Updated 6 years ago
- Deliberately vulnerable web application☆22Updated 7 years ago
- Burp extension to help developers replicate findings from pen tests☆70Updated last month
- A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.☆25Updated 9 years ago
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆32Updated 6 years ago
- Spring-Boot app for demonstrating security vulnaribilities☆13Updated 5 years ago
- OAuth Security Cheatsheet☆39Updated 10 years ago
- ☆70Updated 6 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆64Updated 9 months ago
- Burp Suite extension to generate Intruder payloads using Radamsa☆86Updated 7 years ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆42Updated 7 years ago
- .NET Deserialization Passive Scanner☆45Updated 6 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window..☆116Updated 3 years ago
- CTF Write-ups☆26Updated 5 years ago
- Use burp's JS static code analysis on code from your local system.☆42Updated 7 years ago
- Burp extension to passively scan for applications revealing software version numbers☆30Updated 3 months ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 5 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆121Updated 6 years ago
- Highlight Burp proxy requests made by different browsers☆30Updated 6 years ago
- Provides a suite of Burp extensions and a maven plugin to automate security tests using BurpSuite.☆25Updated 6 years ago
- Jaqen - Simple DNS rebinding☆70Updated 6 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 5 years ago
- A static analysis API for finding deserialization attack gadgets☆37Updated last year
- Jekyll Files for cloudsecwiki.com☆49Updated 3 years ago