{"id":20099942,"url":"https://github.com/ikkisoft/parrotng","last_synced_at":"2025-05-06T06:31:51.846Z","repository":{"id":27018018,"uuid":"30482366","full_name":"ikkisoft/ParrotNG","owner":"ikkisoft","description":"ParrotNG is a tool capable of identifying Adobe Flex  applications (SWF) vulnerable to CVE-2011-2461","archived":false,"fork":false,"pushed_at":"2015-03-19T09:23:36.000Z","size":1812,"stargazers_count":48,"open_issues_count":1,"forks_count":9,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-04-19T11:48:44.300Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://www.slideshare.net/ikkisoft/the-old-is-new-again-cve20112461-is-back","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ikkisoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-02-08T05:49:07.000Z","updated_at":"2025-02-07T14:02:27.000Z","dependencies_parsed_at":"2022-09-01T02:01:10.998Z","dependency_job_id":null,"html_url":"https://github.com/ikkisoft/ParrotNG","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikkisoft%2FParrotNG","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikkisoft%2FParrotNG/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikkisoft%2FParrotNG/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ikkisoft%2FParrotNG/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ikkisoft","download_url":"https://codeload.github.com/ikkisoft/ParrotNG/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252633666,"owners_count":21779898,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T17:13:42.665Z","updated_at":"2025-05-06T06:31:51.486Z","avatar_url":"https://github.com/ikkisoft.png","language":"Java","readme":"# ParrotNG ![ParrotNG Logo](http://i.imgur.com/Ek8SGIit.png \"ParrotNG Logo\")\n\nParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to [CVE-2011-2461](https://www.adobe.com/support/security/bulletins/apsb11-25.html). For more details, please refer to the slides of our [Troopers 2015 talk](http://www.slideshare.net/ikkisoft/the-old-is-new-again-cve20112461-is-back).\n\nDownload the latest release from [HERE](https://github.com/ikkisoft/ParrotNG/releases).\n\n##Features\n\n* Written in Java, based on [swfdump](http://www.swftools.org/swfdump.html)\n* One JAR, two flavors: command line utility and [Burp Pro](http://portswigger.net/burp/editions.html) Passive Scanner plugin \n* Detection of SWF files compiled with either a vulnerable Flex SDK version, patched by [Adobe's tool](http://helpx.adobe.com/flash-builder/kb/flex-security-issue-apsb11-25.html) or not affected\n\n##How To Use - Command Line\n\n1. Download the latest ParrotNG from the release page\n2. Simply use the following command:\n```\n$ java -jar parrotng_v0.2.jar \u003cSWF File | Directory\u003e\n```\nThe tool accepts a single SWF file or an entire directory.\n\n![ParrotNG CmdLine](http://i.imgur.com/1JT4CtH.png \"ParrotNGCmdLine\")\n\n##How To Use - Burp Pro Passive Scanner Plugin\n\n1. Download the latest ParrotNG from the release page\n2. Load Burp Suite Professional\n3. From the _Extender_ tab in Burp Suite,  add [parrotng_v0.2.jar](https://github.com/ikkisoft/ParrotNG/releases) as a standard Java-based Burp Extension\n4. Enable [Burp Scanner Passive Scanning](http://portswigger.net/burp/help/scanner_scanmodes.html)\n5. Browse your target web application. All SWF files passing through Burp Suite are automatically analyzed  \n\n![ParrotNG Burp](http://i.imgur.com/thAkkMB.png \"ParrotNGBurp\")\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fikkisoft%2Fparrotng","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fikkisoft%2Fparrotng","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fikkisoft%2Fparrotng/lists"}