SirAppSec / vuln-node.js-express.js-app

Related projects ⓘ

Alternatives and complementary repositories for vuln-node.js-express.js-app

• PortSwigger / js-miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• tkisason / vulnapi
  Intentionaly very vulnerable API with bonus bad coding practices
  ☆40Updated 9 months ago
• BuildHackSecure / ffufme
  Target practice for ffuf
  ☆58Updated 3 years ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆97Updated 9 months ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆83Updated 5 months ago
• Anof-cyber / Pentest-Mapper
  A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…
  ☆111Updated last year
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆50Updated 2 years ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆178Updated 2 years ago
• flamebarke / SkittlesBambda
  Filters and highlights Proxy HTTP history for requests with potentially vulnerable parameters
  ☆23Updated 11 months ago
• InsiderPhD / Arjun
  HTTP parameter discovery suite.
  ☆59Updated 4 years ago
• nccgroup / jwt-reauth
  ☆100Updated last year
• Hackndo / sprayhound
  Password spraying tool and Bloodhound integration
  ☆212Updated last year
• trickest / log4j
  Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
  ☆112Updated 2 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 2 weeks ago
• h4wkst3r / SCMKit
  Source Code Management Attack Toolkit
  ☆210Updated 2 years ago
• Charlie-belmer / vulnerable-node-app
  A NoSQL Injectable Node App
  ☆41Updated 3 years ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆63Updated 10 months ago
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆118Updated last year
• layro01 / node-api-goat
  A simple Node.js Express REST app with some OWASP vulnerabilities.
  ☆16Updated 3 months ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆137Updated last year
• PortSwigger / hackbar
  HackBar plugin for Burpsuite
  ☆25Updated 3 years ago
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆155Updated 2 weeks ago
• s0j0hn / AWAE-OSWE-Prep
  ☆121Updated 3 years ago
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆128Updated last year
• Orange-Cyberdefense / CVE-repository
  Repository of CVE found by OCD people
  ☆73Updated 4 months ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆121Updated last year
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆252Updated 4 months ago
• DevSecOpsDocs / nuclearpond
  Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.
  ☆170Updated 10 months ago
• doyensec / CSPTPlayground
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆83Updated last month