Alternatives and similar repositories for vulnerable-code-snippets

Users that are interested in vulnerable-code-snippets are comparing it to the libraries listed below

• elamaran619 / hackerone_wordlist
  The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
  ☆54Updated 5 years ago
• roughiz / lfito_rce
  LFI to RCE via phpinfo() assistance or via controlled log file
  ☆69Updated 2 years ago
• PortSwigger / ator
  ☆30Updated last year
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆72Updated 3 years ago
• koaj / aws-s3-bucket-wordlist
  Most common AWS S3 bucket names.
  ☆27Updated 5 years ago
• vulnbe / burpsuite-copy-as-xmlhttprequest
  Copy as XMLHttpRequest BurpSuite extension
  ☆31Updated 4 years ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆43Updated last year
• CoreyD97 / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆50Updated last year
• dwisiswant0 / nodep
  A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.
  ☆28Updated 3 years ago
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆95Updated last year
• PortSwigger / serialization-examples
  ☆42Updated last year
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆39Updated 2 years ago
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆49Updated 5 months ago
• WhiteOakSecurity / Dynamic-DTD
  A python Flask app that generates dynamic DTDs for easy out-of-band data exfiltration.
  ☆30Updated 2 years ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 3 years ago
• BuildHackSecure / ffufme
  Target practice for ffuf
  ☆67Updated 3 years ago
• Zeyad-Azima / CVE-2022-1388
  F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB
  ☆12Updated 2 years ago
• RakeshKengale / RaKKeN
  Information Security Information From Web
  ☆27Updated 10 months ago
• kh4sh3i / ElasticSearch-Pentesting
  ElasticSearch exploit and Pentesting guide for penetration tester
  ☆29Updated 2 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆48Updated 2 years ago
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆53Updated 3 years ago
• ExAndroidDev / fakemeeting
  Creates and sends fake meeting invite
  ☆66Updated 4 years ago
• hakivvi / ermir
  an Evil Java RMI Registry.
  ☆50Updated 2 years ago
• AlteredSecurity / CVE-2021-38647
  CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD
  ☆68Updated 3 years ago
• GoSecure / request-smuggling-workshop
  ☆26Updated 2 years ago
• samwcyo / CVE-2021-27651-PoC
  RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2
  ☆60Updated 4 years ago
• PortSwigger / server-side-prototype-pollution
  ☆37Updated 2 years ago
• CsEnox / CVE-2021-22911
  Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1
  ☆58Updated 2 years ago
• optionalCTF / SSOh-No
  User enumeration and password spraying tool for testing Azure AD
  ☆70Updated 3 years ago