{"payload":{"pageCount":1,"repositories":[{"type":"Public","name":"ysoserial-bf","owner":"BishopFox","isFork":true,"description":"A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.","allTopics":[],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":0,"issueCount":0,"starsCount":19,"forksCount":1715,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-09T00:34:07.587Z"}},{"type":"Public","name":"VulnerableGWTApp","owner":"BishopFox","isFork":false,"description":"An intentionally-vulnerable GWT-based web application to test tooling and techniques","allTopics":[],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":0,"issueCount":1,"starsCount":3,"forksCount":0,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-12-18T17:13:17.293Z"}},{"type":"Public","name":"kafka-connect-field-and-time-partitioner","owner":"BishopFox","isFork":true,"description":"Kafka Connect Store Partitioner by custom fields and time; also removing topic from s3 file path","allTopics":[],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":29,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-18T16:05:35.096Z"}},{"type":"Public","name":"rmiscout","owner":"BishopFox","isFork":false,"description":"RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities","allTopics":["java","scanner","javassist","offensive-security","java-rmi","security-tools","java-deserialization"],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":1,"issueCount":6,"starsCount":417,"forksCount":60,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-09-07T19:06:38.824Z"}},{"type":"Public","name":"GadgetProbe","owner":"BishopFox","isFork":false,"description":"Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.","allTopics":["pentesting","javassist","security-tools","burp-extensions","java-deserialization","pentest-tools","java"],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":0,"issueCount":0,"starsCount":568,"forksCount":93,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-03-04T21:32:45.074Z"}}],"repositoryCount":5,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"Repositories"}