Corb3nik / SQLi-CTFLinks
A training CTF covering non-blind SQL injection techniques
☆70Updated 7 years ago
Alternatives and similar repositories for SQLi-CTF
Users that are interested in SQLi-CTF are comparing it to the libraries listed below
Sorting:
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- ☆265Updated 6 years ago
- Solutions and write-ups from security-based competitions also known as Capture The Flag competition☆101Updated 4 years ago
- Contents for Node.Js Security Course☆339Updated 4 years ago
- Lab for exploring SSRF vulnerabilities☆248Updated 4 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆373Updated 11 months ago
- Crack the shared secret of a HS256-signed JWT☆247Updated last year
- XXE Out of Band Server.☆170Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆410Updated 2 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆399Updated 2 years ago
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆201Updated 6 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- research☆151Updated last year
- A penetration testing tool for finding file upload bugs (NDSS 2020)☆249Updated 4 years ago
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆140Updated 6 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆316Updated 2 years ago
- Lesser Known Web Attack Lab☆331Updated 5 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆291Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆332Updated last year
- notes and code on past CTFs☆102Updated 4 years ago
- Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)☆210Updated last year
- SHELLING - a comprehensive OS command injection payload generator☆111Updated 6 years ago
- simple script to extract all web resources by means of .SVN folder exposed over network.☆471Updated last year
- Apache Solr Injection Research☆578Updated 5 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆262Updated 3 years ago
- Java deserialization exploitation lab.☆234Updated 6 years ago
- When MVC magic turns black☆293Updated 4 years ago
- A cheat sheet for attacking SQLite via SQLi☆99Updated 9 years ago
- Hunting Bugs for Fun and Profit☆269Updated 5 years ago
- ☆407Updated 3 years ago