LazyWeb is a demonstration web application designed to showcase common server-side application vulnerabilities. Each vulnerability is categorized with its respective difficulty rating to provide a comprehensive learning experience for developers and security enthusiasts.
☆117Feb 16, 2025Updated last year
Alternatives and similar repositories for lazyweb
Users that are interested in lazyweb are comparing it to the libraries listed below
Sorting:
- ☆66Aug 25, 2021Updated 4 years ago
- Open source alternative to Burpsuite☆15May 18, 2021Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- Wargames.MY 2019☆11Dec 18, 2019Updated 6 years ago
- Malaysia Elite Hacker Team☆11Jan 29, 2025Updated last year
- LEKIR - Vulnerable by design to help people learn about common web security☆30Jul 16, 2025Updated 7 months ago
- ☆26Jul 12, 2023Updated 2 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Don't expect much :) Just expect to learn new things!☆64Mar 11, 2021Updated 4 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆86Mar 9, 2021Updated 5 years ago
- A tool for testing subdomain takeover possibilities at a mass scale.☆50May 23, 2021Updated 4 years ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Oct 14, 2020Updated 5 years ago
- various python scripts☆16Jun 15, 2021Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Sep 2, 2020Updated 5 years ago
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆20Aug 29, 2022Updated 3 years ago
- [A]ndroid [A]pplication [P]entest [G]uide☆123Oct 10, 2019Updated 6 years ago
- Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations☆58Jul 26, 2020Updated 5 years ago
- Run TTPs, with AI!☆94Feb 23, 2026Updated 2 weeks ago
- RCE in NPM VSCode Extension☆20Apr 11, 2021Updated 4 years ago
- Kerberoast Detection Script☆30Oct 31, 2024Updated last year
- Short handy snippets from the @mwrlabs team☆20Jan 30, 2018Updated 8 years ago
- Yet Another Sniffer for monitoring network traffic☆84Jun 12, 2021Updated 4 years ago
- ☆21Nov 13, 2019Updated 6 years ago
- ☆61Jan 4, 2022Updated 4 years ago
- ☆42Dec 22, 2020Updated 5 years ago
- This is a monorepo including codes from grey hat c# by no starch and some of my own research with it.☆60Oct 25, 2021Updated 4 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applications☆156Mar 17, 2024Updated last year
- ☆36Jul 11, 2018Updated 7 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆19Jun 30, 2020Updated 5 years ago
- All known and unknown public POC's for wordpress themes and plugins☆79Jun 23, 2021Updated 4 years ago
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆24May 8, 2022Updated 3 years ago
- This is repo with my custom zsh completion files for pentesting tools, which do not exist in zsh and oh-my-zsh by default☆12Oct 23, 2025Updated 4 months ago
- Scripts I have made for blue team☆16Apr 1, 2018Updated 7 years ago
- SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients☆70Jul 29, 2021Updated 4 years ago
- Useful scripts for autokey☆29Oct 28, 2020Updated 5 years ago
- Single-WebApp-Target essentials testing methodology tool starting at recon-information gathering for the juicy stuff ended up in exploita…☆23Jun 15, 2021Updated 4 years ago
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- gather gather gather☆584Mar 15, 2025Updated 11 months ago