topolik / ois-dosLinks

Java Deserialization

☆27

Alternatives and similar repositories for ois-dos

Users that are interested in ois-dos are comparing it to the libraries listed below

Sorting:

GDSSecurity / Jetleak-Testing-Script
Script to test if a server is vulnerable to the JetLeak vulnerability
☆144Updated 9 years ago
ssexxe / XXEBugFind
A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
☆72Updated 11 years ago
NetSPI / Burp-Extensions
Central Repo for Burp extensions
☆151Updated 3 years ago
irsl / jackson-rce-via-spel
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
☆124Updated 7 years ago
o2platform / DefCon_RESTing
Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
☆53Updated 12 years ago
NetSPI / JavaSerialKiller
Burp extension to perform Java Deserialization Attacks
☆214Updated last year
NickstaDB / DeserLab
Java deserialization exploitation lab.
☆235Updated 6 years ago
federicodotta / HandyCollaborator
Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
☆104Updated 7 years ago
siberas / sjet
siberas JMX exploitation toolkit
☆130Updated 2 years ago
mbechler / serjs
A Java serializer in JavaScript
☆81Updated 7 years ago
RUB-NDS / DTD-Attacks
Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
☆55Updated 9 years ago
njfox / Java-Deserialization-Exploit
☆128Updated 9 years ago
yolosec / ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆34Updated 9 years ago
mbechler / serianalyzer
A static byte code analyzer for Java deserialization gadget research
☆250Updated 8 years ago
attackercan / cpp-sql-fuzzer
☆56Updated 9 years ago
yandex / burp-molly-pack
Security checks pack for Burp Suite
☆139Updated 7 years ago
ttffdd / XBadManners
Tool for CVE-2018-16323
☆81Updated 6 years ago
0ang3el / EasyCSRF
☆162Updated 7 years ago
LinkedInAttic / sometime
A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
☆60Updated 8 years ago
firefart / CVE-2018-7600
CVE-2018-7600 - Drupal 7.x RCE
☆72Updated 7 years ago
GoSecure / break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
☆55Updated 8 years ago
frohoff / inspector-gadget
Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
☆108Updated 9 years ago
GrrrDog / ZeroNights-WebVillage-2017
☆71Updated 7 years ago
summitt / burp-ysoserial
YSOSERIAL Integration with burp suite
☆166Updated 2 years ago
pinnace / burp-jwt-fuzzhelper-extension
JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.
☆100Updated 6 years ago
0ang3el / HQLi-playground
☆46Updated 9 years ago
SpiderLabs / Airachnid-Burp-Extension
A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
☆139Updated 4 years ago
0ang3el / Unsafe-JAX-RS-Burp
Burp Suite extension for JAX-RS
☆65Updated 8 years ago
Contrast-Security-OSS / joogle
A static analysis API for finding deserialization attack gadgets
☆38Updated 2 years ago
TheRook / CSRF-Request-Builder
☆77Updated 9 years ago