Warxim / vucsa
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
☆96Updated last year
Related projects ⓘ
Alternatives and complementary repositories for vucsa
- A more useful CSRF PoC generator on Burp Suite☆87Updated 2 years ago
- Burp Suite's extension to scan and crawl Single Page Applications☆99Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆110Updated 2 years ago
- SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.☆159Updated last year
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆28Updated last year
- CVE-2022-41852 Proof of Concept (unofficial)☆74Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated 9 months ago
- Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.☆71Updated last year
- phpMyAdmin XSS☆114Updated 3 weeks ago
- CVE Collection of jQuery UI XSS Payloads☆115Updated last year
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆52Updated last year
- WEB API fuzzing☆24Updated last year
- Nuclei Templates to reproduce Cracking the lens's Research☆121Updated 2 years ago
- Spring4Shell Burp Scanner☆65Updated 2 years ago
- Endpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints☆83Updated 5 months ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆37Updated 2 years ago
- ☆49Updated 2 years ago
- ☆33Updated 2 years ago
- Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)☆26Updated 2 years ago
- CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC☆117Updated last year
- D3Ext's Forward Shell☆119Updated last year
- Active Directory Penetration Testing for Red Teams☆53Updated last month
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆20Updated 2 months ago
- CVE-2021-40346 integer overflow enables http smuggling☆34Updated 3 years ago
- ☆31Updated 2 years ago
- Cloud Penetration Testing Toolkit☆93Updated last week
- Fortinet FortiClient EMS SQL Injection☆43Updated 8 months ago