- San Diego, CA
- Joined on
Apr 11, 2008
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
forked from Matir/pwnableweb-scoreboard
Scoreboard for CTF Competitions
Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
forked from francescou/docker-compose-ui
web interface for Docker Compose
forked from GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various operations on streams of data from the command line; mostly intended for infosec uses.
forked from apache/commons-collections
Mirror of Apache Commons Collections
forked from getcode2git/exserial
Java Untrusted Deserialization Exploits Tools
forked from jOOQ/jOOR
jOOR - Fluent Reflection in Java jOOR is a very simple fluent API that gives access to your Java Class structures in a more intuitive way. The JDK's reflection APIs are hard and verbose to use. Other languages have much simpler constructs to access type meta information at runtime. Let us make Java reflection better.
forked from Tribler/self-compile-Android
Autonomous smartphone app. Capable of self-compilation, mutation, and viral spreading. World-first proof-of-principle to bypass Internet kill switches.
forked from vmware/pyvmomi-community-samples
A place for community contributed samples for the pyVmomi library.
forked from mitre-cyber-academy/ctf-scoreboard
Repository for the MITRE Capture the Flag scoreboard.
forked from awslabs/cloudwatch-logs-subscription-consumer
A specialized Amazon Kinesis stream reader (based on the Amazon Kinesis Connector Library) that can help you deliver data from Amazon CloudWatch Logs to any other system in near real-time using a CloudWatch Logs Subscription Filter.
A barebones CLI utility to prompt for and cache a password in memory, then hand it out over HTTP or raw TCP
forked from erikvanoosten/sentries
Sentries - For easy fault handling in Scala programs
forked from splunk/splunk-sdk-java
Splunk Software Development Kit for Java
forked from turbolinks/turbolinks-classic
Turbolinks makes following links in your web application faster (use with Rails Asset Pipeline)
forked from byt3bl33d3r/DHCPShock
Spoofs a DHCP server and exploits all clients vulnerable to the 'ShellShock' bug
forked from RuedigerMoeller/fast-serialization
FST: fast java serialization drop in-replacement http://ruedigermoeller.github.io/fast-serialization/
forked from sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
forked from rest-client/rest-client
Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions.
forked from spray/spray-template
SBT template project for quickly getting started with spray-server
forked from sgodbillon/BytecodeParser
A Java library to parse JVM bytecode, simulate the stack and extract as much information as possible
forked from gfranko/jquery.tocify.js
A jQuery Table of Contents plugin that can be themed with Twitter Bootstrap or jQueryUI.
forked from schierlm/JavaPayload
JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
Plugin for manipulating requests in PortSwigger Burp Suite Pro v1.5+
forked from git/git
Git Source Code Mirror - This is a publish-only repository and all pull requests are ignored. Please follow Documentation/SubmittingPatches procedure for any of your improvements.
forked from gitlabhq/gitlabhq
Project management and code hosting application. Follow us on twitter @gitlabhq
forked from PTCoreSec/CTF-Scoreboard
A scoreboard for Security CTF events
forked from mturkia/serialization
Extender module for BurpSuite to decode and re-encode JAVA Object Serialization for security testing
forked from stripe-ctf/stripe-ctf-2.0
Capture the Flag: Web Edition https://stripe.com/blog/capture-the-flag-20