Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
des_outils_pour_la_deserialisation [2019/10/22 11:43] M0N5T3R |
des_outils_pour_la_deserialisation [2020/09/21 00:33] (Version actuelle) M0N5T3R |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci | ||
- | **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci | + | ====== Des outils pour la Déserialisation ====== |
+ | |||
+ | |||
+ | |||
+ | |||
+ | **PHP** | ||
+ | |||
+ | |||
+ | 🛠 PHPGGC https://github.com/ambionics/phpggc | ||
Ligne 20: | Ligne 29: | ||
+ | 📔 The cheat sheet about Java Deserialization vulnerabilities https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet | ||
+ | |||
+ | |||
+ | 📔 Explication en Francais de ce qu'est la déserialisation https://connect.ed-diamond.com/MISC/MISC-101/Deserialisation-Java-une-breve-introduction-au-ROP-de-haut-niveau | ||
+ | |||
+ | |||
+ | |||
+ | **Java (JBOSS)** | ||
+ | |||
+ | |||
+ | 🛠 JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool https://github.com/joaomatosf/jexboss | ||
** autre ** | ** autre ** | ||
Ligne 26: | Ligne 46: | ||
🛠 It is designed to help security testers by speeding up manual testing of (web)application and extend the Burp Scanner and Burp Intruder automated test capabilities. | 🛠 It is designed to help security testers by speeding up manual testing of (web)application and extend the Burp Scanner and Burp Intruder automated test capabilities. | ||
https://github.com/marcotinari/CustomDeserializer | https://github.com/marcotinari/CustomDeserializer | ||
+ | |||
+ | |||
+ |