OWASP / OWASPWebGoatPHP
A deliberately vulnerable web application for learning web application security.
☆125Updated last year
Alternatives and similar repositories for OWASPWebGoatPHP:
Users that are interested in OWASPWebGoatPHP are comparing it to the libraries listed below
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆101Updated last year
- RIPS - A static source code analyser for vulnerabilities in PHP scripts☆313Updated 3 years ago
- The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…☆96Updated 11 years ago
- A collection of web pages, vulnerable to command injection flaws.☆178Updated 2 years ago
- ☆241Updated 6 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆212Updated 7 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆253Updated last year
- Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex☆401Updated 2 weeks ago
- A static analysis tool for security☆338Updated 3 months ago
- A collection of the solutions people wrote for the H1-212 Capture The Flag event☆95Updated 6 years ago
- Check any website (or set of websites) for insecure security headers.☆247Updated last year
- A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any yea…☆80Updated 7 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆349Updated last week
- PHP Security Check List [ EN ] 🌋 ☣️☆296Updated 5 years ago
- A Blind SQL Exploitation application☆79Updated 12 years ago
- Collection of vulnerable and fixed PHP synthetic test cases☆60Updated last year
- The Cleveridge Subdomain Scanner finds subdomains of a given domain.☆37Updated 5 years ago
- Sample vulnerable code and its exploit code☆189Updated 4 years ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆134Updated last year
- Simple Script to install recommended Bug Bounty Hunting Tools In Your Linux Disto☆47Updated 3 years ago
- Drupal enumeration & exploitation tool☆596Updated 4 years ago
- A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.☆164Updated 5 years ago
- Trying to make automated recon for bug bounties☆252Updated 3 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆311Updated 3 years ago
- OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.☆341Updated this week
- Payloads for CRLF Injection☆224Updated 5 months ago
- A collection of response templates for invalid bug bounty reports.☆90Updated 7 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆349Updated 4 years ago
- Brute force AWS bucket finder☆61Updated 2 years ago
- Damn Vulnerable File Upload V 1.1☆101Updated 6 years ago