AonCyberLabs/PadBuster AonCyberLabs/PadBuster

  • Stars
    star
    736
  • Rank 61,564 (Top 2 %)
  • Language
    Perl
  • License
    Apache License 2.0
  • Created over 13 years ago
  • Updated 4 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
AonCyberLabs/PadBuster
github

AonCyberLabs

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Automated script for performing Padding Oracle attacks 
PadBuster - Automated script for performing Padding Oracle attacks

Author: Brian Holyfield - Gotham Digital Science ([email protected])

Credits to J.Rizzo and T.Duong for providing proof of concept web exploit
techniques and S.Vaudenay for initial discovery of the attack. Credits also
to James M. Martin ([email protected]) for sharing proof of concept exploit
code for performing various brute force attack techniques.

PadBuster is a Perl script for automating Padding Oracle Attacks. PadBuster  
provides the capability to decrypt arbitrary ciphertext, encrypt arbitrary plaintext, 
and perform automated response analysis to determine whether a request is vulnerable 
to padding oracle attacks.

PadBuster is released under the Apache License, version 2.0 (Apache-2.0)
https://opensource.org/licenses/Apache-2.0

More Repositories

1

Windows-Exploit-Suggester

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Python
3,910
star
2

Docker-Secure-Deployment-Guidelines

Deployment checklist for securely deploying Docker
599
star
3

EvilAbigail

Automated Linux evil maid attack
Python
419
star
4

Cexigua

Linux based inter-process code injection without ptrace(2)
Shell
238
star
5

xxe-recursive-download

Python
228
star
6

SSH-Weak-DH

Python
102
star
7

D-Modem

A software SIP modem
C
96
star
8

Nmap-Scripts

Lua
46
star
9

Fizzer

Fizzer is an assessment tool for fuzzing FIX messages.
C#
28
star
10

mbedtls-fuzz

C
26
star
11

BadSamba

This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB share.
Ruby
22
star
12

MAM-Security-Checklist

Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution
19
star
13

BlazorTrafficProcessor

Java
15
star
14

DUALITY

C#
13
star
15

FastInfoset-Burp-Plugin

Burp plugin to convert fast infoset (FI) to/from the text-based XML document format allowing easy editing
Java
12
star
16

LowDLL

C#
7
star
17

aon-password-research

Python
4
star