NeuraLegion / brokencrystals

Related projects: ⓘ

• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆110Updated last year
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆100Updated 2 months ago
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆172Updated 2 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆258Updated last year
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆269Updated 5 months ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆129Updated 7 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆182Updated last month
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆196Updated 2 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆175Updated 5 years ago
• optiv / rest-api-goat
  ☆69Updated last year
• OWASP / www-project-security-champions-guidebook
  OWASP Foundation Web Respository
  ☆18Updated last week
• trufflesecurity / of-CORS
  ☆143Updated last year
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆75Updated 2 years ago
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆103Updated last year
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆305Updated 5 months ago
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆244Updated 2 years ago
• appsecco / dvcsharp-api
  Damn Vulnerable C# Application (API)
  ☆71Updated 2 months ago
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆223Updated 8 months ago
• Karmaz95 / crimson
  Web Application Security Testing Tools
  ☆230Updated 6 months ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆318Updated 11 months ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆346Updated last week
• AdnaneKhan / Gato-X
  GitHub Attack Toolkit - Extreme Edition
  ☆151Updated this week
• security-prince / Resources-for-Application-Security
  Some good resources for getting started with application security
  ☆133Updated 3 years ago
• dub-flow / secure-code-review-challenges
  This repo contains the code for my secure code review challenges
  ☆55Updated last week
• tprynn / web-methodology
  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
  ☆201Updated 2 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆187Updated 2 years ago
• mgreiler / secure-code-review-checklist
  ☆177Updated last year
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆136Updated this week
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆250Updated 2 months ago
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆167Updated 2 months ago