DataDog / vulnerable-java-applicationLinks
This repository contains a sample Java application vulnerable to command injection and server-side request forgery (SSRF).
☆20Updated 5 months ago
Alternatives and similar repositories for vulnerable-java-application
Users that are interested in vulnerable-java-application are comparing it to the libraries listed below
Sorting:
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 6 months ago
- ☆197Updated 9 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆134Updated 4 months ago
- Damn Vulnerable Cloud Application☆197Updated 6 years ago
- ☆127Updated last year
- Damn Vulnerable Java (EE) Application☆140Updated last year
- Find CVE PoCs on GitHub☆150Updated 2 weeks ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated 2 months ago
- Purposely vulnerable Java application to help lead secure coding workshops☆183Updated last year
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆273Updated 5 months ago
- A utility to convert your AWS CLI credentials into AWS console access.☆241Updated 5 years ago
- Cloud agnostic IAM permissions enumerator☆153Updated 4 months ago
- Tools to assess DNS security.☆152Updated last year
- Workshop given at Hack in Paris 2019☆122Updated 2 years ago
- GCP cloud security CTF☆46Updated last month
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆218Updated 3 years ago
- A GraphQL enumeration and extraction tool☆132Updated 2 years ago
- NotSoCereal: A Deserialization exploit playground☆53Updated 3 years ago
- ☆36Updated 5 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆191Updated 8 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆108Updated last year
- boostsecurityio/lotp☆131Updated 4 months ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆119Updated last month
- Proof of concept code for Datadog Security Labs referenced exploits.☆444Updated 4 months ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 2 months ago
- ☆112Updated 2 years ago
- This repository is in progress, it will keep updating as I come across to new learning materials. Feel free to contribute.☆221Updated 2 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆135Updated 4 years ago