ShiftLeftSecurity / tarpit-java
Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
☆76Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for tarpit-java
- GraphQL security workshop labs☆102Updated 4 months ago
- DNS and Target HTTP History Local Storage and Search☆63Updated 3 years ago
- All Things Bug Bounty☆110Updated 2 years ago
- ☆121Updated 3 years ago
- xss development frameworks, with the goal of making payload writing easier.☆136Updated 3 months ago
- Detectify Crowdsource Challenge☆63Updated 2 years ago
- BurpSuite using the document and some extensions☆68Updated 4 years ago
- ☆100Updated last year
- An OSWE Guide☆108Updated 3 years ago
- ☆71Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆84Updated last month
- Vulnerable SAML infrastructure training applicaiton☆48Updated last year
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…☆78Updated last year
- A Burp Suite extension for CSRF proof of concepts.☆45Updated last year
- An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.☆205Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆70Updated 3 years ago
- Misc bounty and vulndisc things☆82Updated 3 years ago
- A one liner Bash command which finds CORS in every possible endpoint.☆116Updated 3 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆78Updated last year
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated 9 months ago
- ☆65Updated last year
- The project aims at creating target-specific wordlists for any web application that you are testing.☆63Updated 2 years ago
- Takeover AWS ips and have a working POC for Subdomain Takeover.☆89Updated 7 months ago
- HTTP parameter discovery suite.☆60Updated 4 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆88Updated last year
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- Damn Vulnerable Java (EE) Application☆130Updated 9 months ago
- Advanced Reconnaissance and Web Application Discovery☆75Updated 2 years ago
- A blazing fast & feature rich Amazon S3 bucket enumerator.☆94Updated 2 years ago