Security-labs-pocs Alternatives
Similar projects and alternatives to security-labs-pocs
-
corretto-17
Amazon Corretto 17 is a no-cost, multi-platform, production-ready distribution of OpenJDK 17
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better security-labs-pocs alternative or higher similarity.
security-labs-pocs reviews and mentions
Posts with mentions or reviews of security-labs-pocs.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-04-21.
-
Python install for non IT staff
Also to your point, interpreted languages are not as reliably detected by AV/NGAV/EDR/etc. from my experience. You could inquire with your EDR's technical reps or try downloading/running some existing malware written in Python in a disposable VM with your EDR installed and see if it gets picked up. Here are some real-world examples you could use, too: https://github.com/DataDog/security-labs-pocs/tree/main/malware-samples/pypi
- DataDog/security-labs-pocs: Proof of concept code for Datadog Security Labs referenced exploits. Now updated with a vulnerable environment to test out the new Confluence #CVE202226134 vulnerability. Handy.
- GitHub - DataDog/security-labs-pocs: Proof of concept code for Datadog Security Labs referenced exploits.
- Null ECDSA Signatures - Proof of concept for bypassing JWT signature checks using CVE-2022-21449
- Exploitation and Sample Vulnerable Application of the JWT Null Signature Vulnerability (CVE-2022-21449)
-
CVE-2022-21449
Arch as well but the point about responsible disclosure is for the majority of users to have the patch before the vulnerability and POC are published. And I'd bet most Java web things are running on one of the unpatched builds (like Ubuntu with its 10 year LTS).
- Exploitation and Sample Vulnerable Application of the JWT Null Signature Vulnerability (CVE-2022-21449) - not a real app, but fundament technique means it is only time
-
CVE-2022-21449: Psychic Signatures in Java
For anyone looking to reproduce the vulnerability with a sample vulnerable application, my team just released this to showcase it applied to bypass a JWT verification process: https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app
Stats
Basic security-labs-pocs repo stats
9
413
5.0
8 months ago
DataDog/security-labs-pocs is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.
The primary programming language of security-labs-pocs is C.