A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.
☆680Mar 25, 2026Updated 3 weeks ago
Alternatives and similar repositories for vuln-bank
Users that are interested in vuln-bank are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A deliberately vulnerable mobile banking application designed for practicing mobile security testing. Features common vulnerabilities fou…☆86Nov 25, 2025Updated 4 months ago
- ☆46Nov 22, 2025Updated 4 months ago
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It …☆70Jun 5, 2025Updated 10 months ago
- HackerOne Notifier is an automated bot that monitors new programs launched on HackerOne and sends Telegram Bot notifications whenever a n…☆22Nov 4, 2025Updated 5 months ago
- Collection of Notes and CheatSheets used for Red teaming Certs☆498Feb 13, 2023Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A collection of js analysis tools & scripts.☆19Mar 8, 2026Updated last month
- Bash scripts to automate the burpsuite's certificate configuration and proxying of an Android device for penetration test.☆19May 26, 2025Updated 10 months ago
- A python-based vulnerability scanner designed to identify open redirect flaws in website applications.☆24Mar 15, 2026Updated last month
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆226Mar 28, 2025Updated last year
- Automation tool to testing and confirm the xss vulnerability.☆308Jul 18, 2025Updated 9 months ago
- This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom …☆1,066Mar 10, 2026Updated last month
- Just A list Of Some Multilingual XSS Payloads and other weird ones i made☆124Sep 28, 2025Updated 6 months ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆423Feb 7, 2026Updated 2 months ago
- best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect☆1,555Dec 7, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆230Aug 25, 2025Updated 7 months ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆816Mar 28, 2025Updated last year
- ☆15Apr 17, 2025Updated last year
- Grep subdomains from web pages.☆42Feb 10, 2025Updated last year
- My Notes about Penetration Testing☆734Jan 17, 2026Updated 3 months ago
- PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.☆2,019Updated this week
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆51Jun 16, 2025Updated 10 months ago
- This contains the contents needed to deploy a home lab in VirtualBox.☆18Jul 6, 2020Updated 5 years ago
- Knowledge Management for Offensive Security Professionals Official Repository☆150Feb 25, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆90Dec 7, 2025Updated 4 months ago
- A simple place to learn XSS☆31Mar 20, 2021Updated 5 years ago
- This repository is a full-stack food delivery application inspired by Zomato. It includes a React.js frontend and integrates DevSecOps pr…☆15Apr 4, 2025Updated last year
- SubOwner - A Simple tool check for subdomain takeovers.☆116Oct 18, 2024Updated last year
- ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing,…☆235Apr 18, 2025Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆94Apr 23, 2025Updated 11 months ago
- This repository provides examples of Vulnerable and Mitigated code as per CWE Categorization.☆23May 4, 2024Updated last year
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆44Feb 24, 2025Updated last year
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆104Feb 25, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- HackTheBox Certified Penetration Tester Specialist Cheatsheet☆733Jul 10, 2024Updated last year
- 免杀木马样本☆106Oct 11, 2025Updated 6 months ago
- Formatify is a Burp Suite extension that instantly converts HTTP requests into multiple formats like cURL, Python, PowerShell, and more—s…☆31Sep 23, 2025Updated 6 months ago
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆160Jul 14, 2025Updated 9 months ago
- ☆23Mar 22, 2025Updated last year
- OOB listener powered by cloudflare workers☆12Apr 13, 2025Updated last year
- Simple web app to track OWASP WSTG security testing progress☆28Sep 12, 2025Updated 7 months ago