topolik / ois-dosLinks
Java Deserialization
☆26Updated 8 years ago
Alternatives and similar repositories for ois-dos
Users that are interested in ois-dos are comparing it to the libraries listed below
Sorting:
- Script to test if a server is vulnerable to the JetLeak vulnerability☆144Updated 9 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Updated 7 years ago
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆53Updated 12 years ago
- A Java serializer in JavaScript☆81Updated 7 years ago
- A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications☆72Updated 11 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated 9 years ago
- Central Repo for Burp extensions☆151Updated 3 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Updated 7 years ago
- Tool for CVE-2018-16323☆81Updated 6 years ago
- Burp extension to perform Java Deserialization Attacks☆214Updated last year
- ☆71Updated 7 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆108Updated 9 years ago
- siberas JMX exploitation toolkit☆131Updated 2 years ago
- CVE-2018-7600 - Drupal 7.x RCE☆72Updated 7 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Updated 8 years ago
- Improved decoder for Burp Suite☆138Updated 4 years ago
- JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.☆100Updated 6 years ago
- ☆56Updated 8 years ago
- X41 BeanStack - Stack Trace Fingerprinting BETA☆52Updated 4 years ago
- A static byte code analyzer for Java deserialization gadget research☆249Updated 8 years ago
- Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java☆55Updated 9 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Updated 8 years ago
- A brute force program to test weak accounts configured to access a JMX Registry☆35Updated 8 years ago
- Java deserialization exploitation lab.☆235Updated 6 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Updated 8 years ago
- ☆77Updated 9 years ago
- Burp Suite extension for JAX-RS☆65Updated 8 years ago
- Security checks pack for Burp Suite☆139Updated 7 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆292Updated 2 years ago
- ☆162Updated 7 years ago