CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
☆194Jun 25, 2015Updated 10 years ago
Alternatives and similar repositories for CryptOMG
Users that are interested in CryptOMG are comparing it to the libraries listed below
Sorting:
- Vulnerable web site. Used to test sentinel features.☆11Nov 18, 2016Updated 9 years ago
- A collection of web pages, vulnerable to command injection flaws☆182Mar 5, 2023Updated 3 years ago
- The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…☆447Aug 7, 2020Updated 5 years ago
- Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe☆14Dec 4, 2015Updated 10 years ago
- A configurable XPath/XML injection testbed☆33Jul 19, 2013Updated 12 years ago
- Set of test cases that can be used to test custom implementations of the SecRules language (ModSecurity rules format).☆17Feb 25, 2025Updated last year
- Extract Juniper firewall usernames and hashes and put into a John the Ripper format for cracking☆13Jul 4, 2014Updated 11 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Aug 10, 2013Updated 12 years ago
- Web Application Firewall For Limited Exploitation☆17Nov 15, 2017Updated 8 years ago
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.☆281Aug 13, 2024Updated last year
- A Tool for cross-platform System Enumeration☆12Mar 20, 2017Updated 9 years ago
- Create one or more monitor-mode virtual wireless interfaces with unique mac addresses.☆12Dec 14, 2018Updated 7 years ago
- A reconnaissance tool that can quickly discover hostnames from a list of IP addresses.☆38Dec 6, 2010Updated 15 years ago
- ISR-sqlget It's a blind SQL injection tool developed in Perl.☆14Apr 26, 2013Updated 12 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆14Mar 4, 2017Updated 9 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- Automatically attack all file shares within AD network environment. Exploiting weak permissions.☆17Aug 2, 2019Updated 6 years ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- A repository of tools and scripts related to malware analysis☆252Jul 29, 2016Updated 9 years ago
- Pivoter is a proxy tool for pentesters to have easier lateral movement.☆144Aug 9, 2015Updated 10 years ago
- A configurable SQL injection test-bed☆123Jul 19, 2013Updated 12 years ago
- Repository for the OWASP/WASC Distributed Web Honeypots Project -☆35Apr 16, 2015Updated 10 years ago
- OAuth plugin for Burp Suite Extender☆43Jun 27, 2018Updated 7 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆66May 16, 2024Updated last year
- ☆231Nov 18, 2015Updated 10 years ago
- XPath injection tool☆404Jan 11, 2023Updated 3 years ago
- A Java Server Faces (JSF) testing tool for decoding view state and creating view state attack vectors.☆32Dec 7, 2010Updated 15 years ago
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- Advanced web server fingerprinting☆22Sep 27, 2017Updated 8 years ago
- Bug Bounty Clipboard☆17Nov 6, 2019Updated 6 years ago
- Another plugin for CRLF vulnerability detection☆25Jan 25, 2017Updated 9 years ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window..☆120Apr 26, 2021Updated 4 years ago
- OWASP WebGoat.NET☆247Dec 16, 2023Updated 2 years ago
- Checks X11 and outputs a screenshot to of the display if allowed and the display is active☆23Dec 12, 2016Updated 9 years ago
- OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.☆355Dec 19, 2025Updated 3 months ago
- The Swiss army knife of byte manipulation☆43Oct 9, 2016Updated 9 years ago
- eXtremely fast data eXtraction via blind SQL injection☆14Aug 15, 2012Updated 13 years ago
- TCP session interception and injection framework☆55Mar 22, 2011Updated 14 years ago