Veracode Research
Examples, research notes, tools created by the Veracode Research group. Offered as examples with NO WARRANTY OF ANY KIND.
Pinned Repositories
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
freebsd-perf-fuzz
FreeBSD port of the perf-fuzz OS optimized fuzzer
jClassViewer
A command line utility which examines all specified classes and their members from java binary archive files
logging-formatter-anticrlf
Python logging Formatter for CRLF Injection (CWE-93 / CWE-117) prevention
python3-class-viewer
A command line utility which examines all classes and their members for specified module
research-paper-notes
rogue-jndi
A malicious LDAP server for JNDI injection attacks
solr-injection
Apache Solr Injection Research
spring-view-manipulation
When MVC magic turns black
svrwb-fuzz-benchmark-suite
Single version, Real World (Dead) Bug Fuzzer Benchmark Suite (Work-in-Progress)
Veracode Research's Repositories
veracode-research/rogue-jndi
A malicious LDAP server for JNDI injection attacks
veracode-research/solr-injection
Apache Solr Injection Research
veracode-research/spring-view-manipulation
When MVC magic turns black
veracode-research/actuator-testbed
A vulnerable application exposing Spring Boot Actuators
veracode-research/svrwb-fuzz-benchmark-suite
Single version, Real World (Dead) Bug Fuzzer Benchmark Suite (Work-in-Progress)
veracode-research/freebsd-perf-fuzz
FreeBSD port of the perf-fuzz OS optimized fuzzer
veracode-research/research-paper-notes
veracode-research/jClassViewer
A command line utility which examines all specified classes and their members from java binary archive files
veracode-research/logging-formatter-anticrlf
Python logging Formatter for CRLF Injection (CWE-93 / CWE-117) prevention
veracode-research/python3-class-viewer
A command line utility which examines all classes and their members for specified module
veracode-research/contributions
Document external code/content contributions made by Veracode Research
veracode-research/fuzzbench
FuzzBench - Fuzzer benchmarking as a service.
veracode-research/fuzzer-research
Various research related to fuzzers and fuzzing
veracode-research/java-encoders
veracode-research/python-veralint
A collection of PyLint checkers for security issues