A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
☆72Jul 22, 2024Updated last year
Alternatives and similar repositories for hackable
Users that are interested in hackable are comparing it to the libraries listed below
Sorting:
- Advanced Vulnerable Web Application (AVWA)☆14Jun 10, 2017Updated 8 years ago
- Ruby based script to perform application scanning of a URL, looking for specific pages to target.☆25Oct 29, 2014Updated 11 years ago
- Example Material for SecureState's 2016 Python for Pentesters Webinar☆10Dec 13, 2016Updated 9 years ago
- Files for the Defcon Toronto Introduction to 64-bit Linux Exploitation☆15Feb 23, 2018Updated 8 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Agent installed on node to launch IDA,Bindiff,... and send results to the server ( AutoDiffWeb )☆10Mar 25, 2016Updated 9 years ago
- Fuzzing Framework☆10Oct 23, 2017Updated 8 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- Discovery is a powerful PowerShell module that lets you probe the inner depths of the operating system.☆16Jul 26, 2014Updated 11 years ago
- Rex library for various exploitation helpers☆21Sep 24, 2025Updated 5 months ago
- This repository contains all the talk materials and ebook from the talk System Hardening Using Ansible given at All Day DevOps 2016 onlin…☆12Nov 16, 2016Updated 9 years ago
- Collection of dockerfiles to build containers☆13Mar 19, 2018Updated 7 years ago
- What makes a password survive until the final 15% of hashes still left standing? Join us on the cracking equivalent of an archeological …☆14Feb 19, 2019Updated 7 years ago
- Rabbit in Python☆11Mar 20, 2018Updated 7 years ago
- Work files for my blog post "Code Caving in a PE file.☆16Dec 18, 2016Updated 9 years ago
- Damn Vulnerable Node Application☆20Dec 22, 2015Updated 10 years ago
- A plugin that provides resources for beginners to learn reverse engineering using Binary Ninja. It automatically installs several other p…☆26Aug 22, 2017Updated 8 years ago
- Script to identify new host using the subjectAltName (Subject Alternate Name) extension of a x509 HTTP TLS certificate.☆12Dec 25, 2020Updated 5 years ago
- Pull author and committer names and emails from Travis-CI☆11Aug 9, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- Automatically attack all file shares within AD network environment. Exploiting weak permissions.☆17Aug 2, 2019Updated 6 years ago
- Create shellcode from executable or assembly code☆12Jul 31, 2017Updated 8 years ago
- Repository for the Deprecated MITRE Capture the Flag scoreboard.☆11Sep 25, 2017Updated 8 years ago
- Internet Radio based on the Beaglebone Black platform☆15Mar 4, 2016Updated 9 years ago
- Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability☆10Sep 1, 2018Updated 7 years ago
- ☆14Oct 3, 2018Updated 7 years ago
- libghwp is a GObject based library for handling HWP documents. (NOT maintained. DO NOT PR)☆23Jul 6, 2018Updated 7 years ago
- A vulnerable web application to explain and illustrate deserialization of untrusted data with Pickle.☆13Sep 23, 2017Updated 8 years ago
- Designed and Implemented a Web Application Firewall as an Apache module that "sits" in-front of a web server. The WAF is designed to stop…☆16Jan 11, 2017Updated 9 years ago
- ☆13Jan 5, 2017Updated 9 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38May 16, 2017Updated 8 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 9 years ago
- ☆14Mar 31, 2018Updated 7 years ago
- A cookbook for managing the local security policy on a Windows system☆13Apr 13, 2021Updated 4 years ago
- Fuzzing tool written in Golang. Insane monkey not included.☆12Feb 22, 2018Updated 8 years ago
- JEB Scripts☆21Nov 28, 2014Updated 11 years ago
- An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities☆21Oct 28, 2020Updated 5 years ago
- Fork of iSec Partners Android Intent Fuzzer (https://www.isecpartners.com/tools/mobile-security/intent-fuzzer.aspx)☆16Feb 10, 2015Updated 11 years ago
- 🛡 Monitor, analyze, & report security misconfigurations across environments.☆18Oct 26, 2017Updated 8 years ago