Alternatives and similar repositories for vulnerable-code-snippets

Users that are interested in vulnerable-code-snippets are comparing it to the libraries listed below

• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆53Updated 3 years ago
• PortSwigger / serialization-examples
  ☆42Updated last year
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆72Updated 3 years ago
• elamaran619 / hackerone_wordlist
  The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
  ☆56Updated 5 years ago
• nccgroup / jwt-reauth
  ☆105Updated 2 years ago
• EasyRecon / wappaGo
  ☆57Updated last year
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• k3nundrum / CRTP
  Notes for CRTP
  ☆41Updated 4 years ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 3 years ago
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆49Updated 6 months ago
• GoSecure / request-smuggling-workshop
  ☆26Updated 2 years ago
• SecAuraYT / OSWE
  Repo for OSWE related video content for @SecAura Youtube Channel
  ☆35Updated 3 years ago
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆53Updated 2 years ago
• koaj / aws-s3-bucket-wordlist
  Most common AWS S3 bucket names.
  ☆27Updated 5 years ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆72Updated 2 years ago
• 303sec / log4shell-everywhere
  A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
  ☆42Updated 3 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆122Updated 2 years ago
• dmdhrumilmistry / offat
  Tests your API automatically for common API vulnerabilities. Project is still Work In Progress. PRs are appreciated.
  ☆34Updated last year
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆87Updated 10 months ago
• PortSwigger / server-side-prototype-pollution
  ☆38Updated 2 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆63Updated last week
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆50Updated 2 years ago
• d3k4z / burp-copy-as-ffuf
  Burp Extension that copies a request and builds a FFUF skeleton
  ☆111Updated last year
• RakeshKengale / RaKKeN
  Information Security Information From Web
  ☆27Updated last week
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆44Updated last year
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆29Updated last year
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆48Updated 3 years ago
• b0n1t0 / gSAST
  gSAST - Grep Static Analysis Security Tool
  ☆13Updated last year