Veracode Research

Examples, research notes, tools created by the Veracode Research group. Offered as examples with NO WARRANTY OF ANY KIND.

Pinned Repositories

actuator-testbed
A vulnerable application exposing Spring Boot Actuators
Language:Java123 2 130
freebsd-perf-fuzz
FreeBSD port of the perf-fuzz OS optimized fuzzer
Language:C3 3 00
jClassViewer
A command line utility which examines all specified classes and their members from java binary archive files
Language:Java2 2 00
logging-formatter-anticrlf
Python logging Formatter for CRLF Injection (CWE-93 / CWE-117) prevention
Language:Python1 2 01
python3-class-viewer
A command line utility which examines all classes and their members for specified module
Language:Python1 2 00
research-paper-notes
3 5 00
rogue-jndi
A malicious LDAP server for JNDI injection attacks
Language:Java998 17 4220
solr-injection
Apache Solr Injection Research
570 18 065
spring-view-manipulation
When MVC magic turns black
Language:Java280 7 028
svrwb-fuzz-benchmark-suite
Single version, Real World (Dead) Bug Fuzzer Benchmark Suite (Work-in-Progress)
Language:C8 4 131

Veracode Research's Repositories

veracode-research/rogue-jndi
A malicious LDAP server for JNDI injection attacks
Language:Java998 17 4220
veracode-research/solr-injection
Apache Solr Injection Research
570 18 065
veracode-research/spring-view-manipulation
When MVC magic turns black
Language:Java280 7 028
veracode-research/actuator-testbed
A vulnerable application exposing Spring Boot Actuators
Language:Java123 2 130
veracode-research/svrwb-fuzz-benchmark-suite
Single version, Real World (Dead) Bug Fuzzer Benchmark Suite (Work-in-Progress)
Language:C8 4 131
veracode-research/freebsd-perf-fuzz
FreeBSD port of the perf-fuzz OS optimized fuzzer
Language:C3 3 00
veracode-research/research-paper-notes
3 5 00
veracode-research/jClassViewer
A command line utility which examines all specified classes and their members from java binary archive files
Language:Java2 2 00
veracode-research/logging-formatter-anticrlf
Python logging Formatter for CRLF Injection (CWE-93 / CWE-117) prevention
Language:Python1 2 01
veracode-research/python3-class-viewer
A command line utility which examines all classes and their members for specified module
Language:Python1 2 00
veracode-research/contributions
Document external code/content contributions made by Veracode Research
2 0
veracode-research/fuzzbench
FuzzBench - Fuzzer benchmarking as a service.
Language:Python2 01
veracode-research/fuzzer-research
Various research related to fuzzers and fuzzing
3 0
veracode-research/java-encoders
Language:HTML2 0
veracode-research/python-veralint
A collection of PyLint checkers for security issues
Language:Python2 0

Veracode Research

Pinned Repositories

actuator-testbed

freebsd-perf-fuzz

jClassViewer

logging-formatter-anticrlf

python3-class-viewer

research-paper-notes

rogue-jndi

solr-injection

spring-view-manipulation

svrwb-fuzz-benchmark-suite

Veracode Research's Repositories

veracode-research/rogue-jndi

veracode-research/solr-injection

veracode-research/spring-view-manipulation

veracode-research/actuator-testbed

veracode-research/svrwb-fuzz-benchmark-suite

veracode-research/freebsd-perf-fuzz

veracode-research/research-paper-notes

veracode-research/jClassViewer

veracode-research/logging-formatter-anticrlf

veracode-research/python3-class-viewer

veracode-research/contributions

veracode-research/fuzzbench

veracode-research/fuzzer-research

veracode-research/java-encoders

veracode-research/python-veralint