remote-method-guesser
Damn-Vulnerable-Bank
remote-method-guesser | Damn-Vulnerable-Bank | |
---|---|---|
1 | 3 | |
777 | 610 | |
- | - | |
8.6 | 4.7 | |
6 days ago | 5 months ago | |
Java | Java | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
remote-method-guesser
-
Pentesting Java RMI
have you ever used https://github.com/qtc-de/remote-method-guesser to at least enumerate Java RMI services? Have you ever used any other tool? Are they dangerous in prod context?
Damn-Vulnerable-Bank
What are some alternatives?
RmiTaste - RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets from ysoserial.
UnSAFE_Bank - Vulnerable Banking Suite
petep - PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
CVE-2021-44228-PoC-log4j-bypass-words - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
AndroidLibrary - Android library to reveal or obfuscate strings and assets at runtime
junixsocket - Unix Domain Sockets in Java (AF_UNIX)
Insular - A sandbox environment to clone selected apps and isolate them from accessing your personal data outside the sandbox (including call logs, contacts, photos and etc) even if related permissions are granted. Device-bound data (SMS, IMEI and etc) is still accessible.
ssslasher - Multithreaded and easy to use SSH password dictionnary bruteforcer written in Python and Java.
allsafe - Intentionally vulnerable Android application.