Java Deserialization
☆27Oct 21, 2016Updated 9 years ago
Alternatives and similar repositories for ois-dos
Users that are interested in ois-dos are comparing it to the libraries listed below
Sorting:
- PoC for Scala and Groovy☆14Apr 4, 2016Updated 9 years ago
- PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM☆52Mar 14, 2018Updated 8 years ago
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆53Aug 5, 2013Updated 12 years ago
- Assembler, disassembler and decompiler for Java class files☆19Apr 30, 2015Updated 10 years ago
- ☆24Oct 18, 2022Updated 3 years ago
- A static analysis API for finding deserialization attack gadgets☆38Nov 7, 2022Updated 3 years ago
- A static byte code analyzer for Java deserialization gadget research☆251Apr 17, 2017Updated 8 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing☆19Feb 4, 2022Updated 4 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- Browser Vulnerability Exploit DB(浏览器漏洞PoC数据库)☆10Feb 7, 2017Updated 9 years ago
- CVE-2020-1958 PoC☆22Apr 11, 2020Updated 5 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- Exploit PoC for Spring RCE issue (CVE-2011-2894)☆44Dec 17, 2023Updated 2 years ago
- This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).☆17Jun 4, 2021Updated 4 years ago
- It is a dedicated requests lib that supports cookie, headers, get/post, etc. And it also supports rendering the response (e.g. Javascript…☆86Sep 12, 2017Updated 8 years ago
- retire.js has a new home☆19May 31, 2015Updated 10 years ago
- Prangster tool from the Black Hat USA 2013 presentation "Black-Box Assessment of Pseudorandom Algorithms" by Derek Soeder, Christopher Ab…☆11Jul 9, 2014Updated 11 years ago
- ☆12Jul 1, 2018Updated 7 years ago
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 3 years ago
- Python script to exploit java unserialize on t3 (Weblogic)☆61Aug 9, 2017Updated 8 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 8 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Jun 29, 2015Updated 10 years ago
- Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language☆110May 12, 2016Updated 9 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆140Feb 18, 2021Updated 5 years ago
- A mail reflector written in Python with modules for SPF, DKIM and DMARC authentication, used as a test system for testing correspondent's…☆13Sep 15, 2016Updated 9 years ago
- Zabbix Jsrpc.php Injection Exploit☆25Aug 29, 2016Updated 9 years ago
- Burp extension for decoding WCF-gzipped requests.☆12Jan 25, 2016Updated 10 years ago
- Offline Security Client☆12Feb 10, 2026Updated last month
- ☆13May 30, 2017Updated 8 years ago
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆18Mar 8, 2020Updated 6 years ago
- A proxy for encrypting TCP connections.☆11Mar 15, 2017Updated 9 years ago
- A tiny Java agent that blocks attacks against unsafe deserialization☆87Oct 9, 2017Updated 8 years ago
- Exploitation toolkit for RichFaces☆106Nov 3, 2023Updated 2 years ago
- vulnerability reporting tool powered by vulners.com and wpvulndb.com☆12Aug 31, 2022Updated 3 years ago
- 攻击Java Web应用-[Java Web安全]☆12Dec 10, 2019Updated 6 years ago
- Proof-of-Concept python script that implements DNS spoofing attack in Kubernetes environment from a pod located on a Worker server☆15Feb 4, 2021Updated 5 years ago
- Examples of projects using Arduino and ESP8266☆13Oct 6, 2014Updated 11 years ago
- Go client for Elasticsearch OSINT platform☆15Nov 4, 2023Updated 2 years ago
- ☆16Jul 20, 2020Updated 5 years ago