Alternatives and similar repositories for vulnerable-code-snippets:

Users that are interested in vulnerable-code-snippets are comparing it to the libraries listed below

• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 2 years ago
• CoreyD97 / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆47Updated 8 months ago
• elamaran619 / hackerone_wordlist
  The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
  ☆51Updated 4 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆45Updated 2 years ago
• koaj / aws-s3-bucket-wordlist
  Most common AWS S3 bucket names.
  ☆27Updated 4 years ago
• GoSecure / request-smuggling-workshop
  ☆25Updated 2 years ago
• carlospolop / Pastos
  ☆52Updated 2 years ago
• PortSwigger / ator
  ☆29Updated 9 months ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆28Updated 3 years ago
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆25Updated last year
• vulnbe / burpsuite-copy-as-xmlhttprequest
  Copy as XMLHttpRequest BurpSuite extension
  ☆30Updated 3 years ago
• fyoorer / ffufsee
  Ffuf output browser
  ☆39Updated last year
• 0xAkashsky / sub-scout
  Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
  ☆35Updated 2 years ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• pwndoc-ng / pwndoc-ng-database
  Collaborative vulnerability database for Pentesting & Pwndoc-Ng
  ☆16Updated 2 years ago
• carlospolop / Bruteforce-GCP-Permissions
  Use the GCP testIamPermissions functionality to bruteforce and discover your permissions
  ☆25Updated 5 months ago
• dwisiswant0 / nodep
  A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.
  ☆28Updated 2 years ago
• doyensec / CVE-2022-39299_PoC_Generator
  A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…
  ☆18Updated 2 years ago
• mrrootsec / AssetViz
  AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…
  ☆32Updated 10 months ago
• rekter0 / exploits
  ☆48Updated 2 years ago
• harisec / orange-confusion-attacks
  Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  ☆20Updated 5 months ago
• haqqibrahim / Sling-Shot-R3con
  🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
  ☆24Updated last year
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆64Updated 2 years ago
• j3ssie / durl
  Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
  ☆34Updated 9 months ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆42Updated last year
• 254Labs / awesome-bambdas
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆25Updated 4 months ago
• spyx / ParamAngler
  ☆27Updated last year
• hakivvi / ermir
  an Evil Java RMI Registry.
  ☆48Updated 2 years ago
• pry0cc / gorgo
  A multi-threaded password sprayer based on Medusa, built for distributed spraying.
  ☆37Updated 3 years ago
• amalmurali47 / swagroutes
  swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
  ☆56Updated last year