vpn_exploitation_tool

AD + Citrix VPN Data Harvester Modular Java tool for testing...

gadgetinspector

This is a Java-based tool for finding deserialization gadget chains in Java applications. The tool is called "Gadget Inspector" and is presented as a project that was showcased at Black Hat USA 2018. The tool is designed to automatically discover possible gadget chains in an application's...

ysoserial

This is a Java-based proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, named ysoserial, is designed to create gadgets that can be used to execute arbitrary commands on a vulnerable application. The gadgets are created by wrapping a...

DependencyCheck

This is an open-source project for a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. The project is called OWASP dependency-check. The project is written in Java and is designed to be used in a variety of environments, including...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE202424919 Vulnerability Scanner This Java tool scans a l...

Security Bulletin: SPSS Modeler Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java API Documentation contains a frame injection vulnerability Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

OBDA systems Mastro 代码问题漏洞

OBDA systems Mastro is a Java tool for ontology-based data access OBDA from OBDA systems, Italy. A code issue vulnerability exists in OBDA systems Mastro version 1.0. An attacker could use this vulnerability to read system files via a custom DTD...

OBDA systems Mastro 安全漏洞

OBDA systems Mastro is a Java tool for ontology-based data access OBDA from OBDA systems, Italy. A security vulnerability exists in OBDA systems Mastro version 1.0 that stems from an XML entity extension attack that is vulnerable to denial of service...

Apache PDFBox Resource Management Error Vulnerability

Apache PDFBox is the United States Apache Apache Foundation of a Java-based open source language tool library . The product provides PDF document creation and editing and other functions. Apache PDFBox there is a security vulnerability , an attacker can exploit the vulnerability by crafting a PDF...

CVE-2021-21428 Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Openapi generator is a java tool which allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Exploit

Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation states that there are thre...

AndroTickler - Penetration Testing and Auditing Toolkit for Android Apps

A java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the aspects of Android apps pentesting. It also offers several features that pentesters need during the...

[JSQL v0.3] Java Tool for Automatic Database Injection

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Version 0.2 features: GET, POST, header, cookie methods normal, error based, blind, time based algorithms automatic...

Henan mobile network client server system code defect analysis and use-vulnerability and early warning-the black bar safety net

Declare Oh herein no technical content---just to prove that java can also be made hack tool China Mobile's online customer service system everyone should be very familiar, because I was moving faithful henna user, naturally from Henan mobile speaking． In the mobile Hall handled the business users...