Hans-Martin Münch's repositories
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
el-injection-example-app
A simple example application to exercise EL injections
Ajax.NET-Professional
Ajax.NET Professional (AjaxPro) is one of the first AJAX frameworks available for Microsoft ASP.NET and is working with many .NET frameworks starting with v1.1. The framework will create proxy classes that are used on client-side JavaScript to invoke methods on the web server with full data type support working on all common web browsers including mobile devices.
awesome-frida
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
awesome-log4shell
An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
CVE-2023-28432_docker
Test environments for CVE-2023-28432, information disclosure in MinIO clusters
dhtmlxganttservice
A minimal implementation of the REST service that is used by dhtmlxgantt. Based on Python/Flask
frida-ipa-dump
Yet another frida based iOS dumpdecrypted
hibernate-orm
Hibernate's core Object/Relational Mapping functionality
InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
jackson-rce-via-spel
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
metasploit-framework
Metasploit Framework
metasploit-payloads
Unified repository for different Metasploit Framework payloads
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
rogue-jndi
A malicious LDAP server for JNDI injection attacks
sliver
Adversary Emulation Framework
tsunami-security-scanner-plugins
This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
TwelveMonkeys
TwelveMonkeys ImageIO: Additional plug-ins and extensions for Java's ImageIO
update-systemd-resolved
Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus.