ShiftLeftSecurity / flask-webgoat

Related projects: ⓘ

• TROUBLE-1 / Type-juggling
  Lab that will help you to understand how type juggling vulnerability works.
  ☆22Updated 3 years ago
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆77Updated last year
• janmasarik / bugshop
  ☆43Updated 4 years ago
• CaptainFreak / Web-CTF-Challenges
  Collection of quirky behaviours of code and the CTF challenges that I made around them.
  ☆26Updated 3 years ago
• opnsec / postMessage-logger
  Simple "postMessage logger" Chrome extension
  ☆92Updated 4 years ago
• rootxharsh / workshoplabs
  Labs from our workshop "Demystifying the server-side".
  ☆17Updated 2 years ago
• righettod / burp-piper-custom-scripts
  Custom scripts for the PIPER Burp extensions.
  ☆97Updated 11 months ago
• Rhynorater / reports
  ☆56Updated 2 months ago
• lc / jenkinz
  jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
  ☆65Updated 5 years ago
• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆46Updated last year
• PortSwigger / auth-matrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆38Updated last year
• pingidentity / AuraIntruder
  ☆17Updated last year
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆86Updated last year
• timkoopmans / eipfish
  Go fish for AWS EIPs
  ☆46Updated 3 years ago
• nccgroup / CollaboratorPlusPlus
  ☆145Updated 2 years ago
• defparam / haptyc
  ☆92Updated 3 years ago
• Ophion-Security / sret
  ☆99Updated this week
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆47Updated last year
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆30Updated last year
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 2 years ago
• gocaio / sct
  Security checks for http headers and cookies
  ☆24Updated 3 years ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 3 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• physics-sec / DetectCrossOriginMessaging
  This Burp extension helps you to find usages of postMessage and recvMessage
  ☆15Updated 4 years ago
• PortSwigger / nginx-alias-traversal
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆50Updated 2 years ago
• BlackFan / CVE_PoCs
  CVE PoCs
  ☆21Updated 4 years ago
• codingo / Bugcrowd-Talks
  Slide Decks and Supporting Content of talks given for Bugcrowd
  ☆16Updated 4 years ago
• tuannq2299 / semgrep-rules
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆12Updated 2 years ago
• Cache-Money / chronorace
  ☆69Updated 2 years ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆61Updated 8 months ago