Skip to content
View frohoff's full-sized avatar
982 followers · 13 following

Achievements

Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: Starstruckx4Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx2
BetaSend feedback

Achievements

Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: Starstruckx4Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx2
BetaSend feedback
Block or Report

Block or report frohoff

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned

  1. ysoserial ysoserial Public

    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

    Java 7.3k 1.7k

  2. ciphr ciphr Public

    CLI crypto swiss-army knife for performing and composing encoding, decoding, encryption, decryption, hashing, and other various cryptographic operations on streams of data from the command line; mo…

    Ruby 116 30

  3. inspector-gadget inspector-gadget Public

    Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language

    Java 102 24

  4. appseccali-marshalling-pickles appseccali-marshalling-pickles Public

    Slide deck from AppSecCali 2015 Talk "Marshalling Pickles: how deserializing objects will ruin your day"

    CSS 6 5

  5. owaspsd-deserialize-my-shorts owaspsd-deserialize-my-shorts Public

    Slide deck from OWASP SD Talk "Deserialize My Shorts: Or How I Learned to Start Worrying and Hate Java Object Deserialization"

    CSS 4 2