Alternatives and similar repositories for vulnerable-code-snippets

Users that are interested in vulnerable-code-snippets are comparing it to the libraries listed below

• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆54Updated 3 years ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆73Updated 3 years ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆45Updated last year
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• BuildHackSecure / ffufme
  Target practice for ffuf
  ☆69Updated 4 years ago
• CoreyD97 / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆52Updated last month
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆100Updated 3 months ago
• elamaran619 / hackerone_wordlist
  The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
  ☆59Updated 5 years ago
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• PortSwigger / server-side-prototype-pollution
  ☆42Updated 2 years ago
• PortSwigger / serialization-examples
  ☆42Updated 2 years ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆36Updated 3 years ago
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆49Updated 10 months ago
• six2dez / obsidian-pentesting-vault
  Sample Obsidian's vault for web pentesting
  ☆100Updated last year
• RakeshKengale / RaKKeN
  Information Security Information From Web
  ☆28Updated 4 months ago
• k3nundrum / CRTP
  Notes for CRTP
  ☆42Updated 4 years ago
• koaj / aws-s3-bucket-wordlist
  Most common AWS S3 bucket names.
  ☆27Updated 5 years ago
• PortSwigger / ator
  ☆32Updated last year
• H0j3n / EzpzSharepoint
  ☆27Updated 3 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆51Updated 3 years ago
• InitRoot / RouteRunner
  Checks if files is accessible based on the source code.
  ☆16Updated last year
• EasyRecon / wappaGo
  ☆58Updated last year
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆63Updated 4 months ago
• hackvertor / shadow-repeater
  ☆41Updated 3 weeks ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆29Updated 4 years ago
• grav3m1nd-byte / werkzeug-pin
  Yet another Werkzeug Console Pin Exploit Explanation
  ☆23Updated 4 years ago
• The-Login / DNS-Analyzer
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆94Updated 2 years ago
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆52Updated 3 years ago
• WhiteOakSecurity / Dynamic-DTD
  A python Flask app that generates dynamic DTDs for easy out-of-band data exfiltration.
  ☆30Updated 3 years ago
• honoki / burp-digitalocean-openvpn-socks
  A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it
  ☆51Updated last month