ASP.NET View State Decoder
☆124May 1, 2025Updated last year
Alternatives and similar repositories for viewstate
Users that are interested in viewstate are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests☆15Feb 27, 2021Updated 5 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆660Feb 1, 2025Updated last year
- PHP 8 Sandbox Escape☆87Feb 28, 2026Updated 2 months ago
- Parse unencrypted .NET ViewState objects with JavaScript☆21Dec 3, 2021Updated 4 years ago
- Viewstate Hidden Control Enumerator☆17Sep 12, 2013Updated 12 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Aug 10, 2013Updated 12 years ago
- Burp Suite AMF Extension☆48Sep 24, 2018Updated 7 years ago
- Deserialization payload generator for a variety of .NET formatters☆3,724Dec 23, 2024Updated last year
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆53Aug 5, 2013Updated 12 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- A fastjson payload generator☆59Oct 13, 2020Updated 5 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Sep 20, 2019Updated 6 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 9 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆615Mar 4, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Collection of bypass gadgets to extend and wrap ysoserial payloads☆387Apr 16, 2022Updated 4 years ago
- ☆23Feb 9, 2018Updated 8 years ago
- Journey to learning frida android.☆11Apr 23, 2019Updated 7 years ago
- Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.☆57Dec 18, 2017Updated 8 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆153Feb 25, 2019Updated 7 years ago
- ☆101Nov 10, 2021Updated 4 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆448Sep 7, 2022Updated 3 years ago
- Short handy snippets from the @mwrlabs team☆20Jan 30, 2018Updated 8 years ago
- bSidesLisbon 2016 event contents☆10Dec 14, 2016Updated 9 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆141Apr 29, 2020Updated 6 years ago
- Remote Desktop Protocol in Twisted Python☆26Apr 13, 2018Updated 8 years ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆37Oct 1, 2025Updated 7 months ago
- Burp Suite Collaborator HTTP API☆45May 27, 2018Updated 7 years ago
- Bypassing disabled exec functions in PHP (c) CRLF☆405Oct 2, 2020Updated 5 years ago
- project-blacklist3r☆647Oct 3, 2025Updated 7 months ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆11Aug 26, 2014Updated 11 years ago
- Extract Juniper firewall usernames and hashes and put into a John the Ripper format for cracking☆13Jul 4, 2014Updated 11 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆43Jan 22, 2016Updated 10 years ago
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆120Apr 22, 2026Updated 3 weeks ago
- Java RMI enumeration and attack tool.☆747Sep 28, 2017Updated 8 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆75Nov 27, 2013Updated 12 years ago
- POC for XStream RCE☆13Dec 23, 2013Updated 12 years ago