Corb3nik / SQLi-CTF
A training CTF covering non-blind SQL injection techniques
☆69Updated 7 years ago
Alternatives and similar repositories for SQLi-CTF:
Users that are interested in SQLi-CTF are comparing it to the libraries listed below
- Lab for exploring SSRF vulnerabilities☆246Updated 3 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- ☆265Updated 6 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆105Updated last year
- My CTF write-ups!☆27Updated 2 years ago
- Practice hacking JWT tokens☆114Updated 2 years ago
- XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.☆141Updated 6 years ago
- Java deserialization exploitation lab.☆236Updated 6 years ago
- Simple "postMessage logger" Chrome extension☆96Updated 4 years ago
- PoC for CVE-2018-15133 (Laravel unserialize vulnerability)☆251Updated last year
- ☆96Updated 3 weeks ago
- XXE Out of Band Server.☆170Updated last year
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆259Updated 3 years ago
- A cheat sheet for attacking SQLite via SQLi☆99Updated 9 years ago
- notes and code on past CTFs☆103Updated 3 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆181Updated 4 years ago
- POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.☆111Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆330Updated last year
- Payloads for CRLF Injection☆223Updated 6 months ago
- A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web☆70Updated 4 years ago
- Sharing is caring. CTF challenge writeups☆32Updated 4 years ago
- Solutions and write-ups from security-based competitions also known as Capture The Flag competition☆101Updated 4 years ago
- ☆404Updated 3 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆313Updated last year
- research☆151Updated last year
- ☆109Updated 2 years ago
- SHELLING - a comprehensive OS command injection payload generator☆108Updated 5 years ago
- A lab for playing with NoSQL Injection☆131Updated 4 years ago
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆289Updated 2 years ago
- ☆281Updated 3 years ago