Warxim / vucsa
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
☆98Updated last year
Alternatives and similar repositories for vucsa:
Users that are interested in vucsa are comparing it to the libraries listed below
- A more useful CSRF PoC generator on Burp Suite☆87Updated 2 years ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆112Updated 2 months ago
- Burp Suite's extension to scan and crawl Single Page Applications☆102Updated last year
- WEB API fuzzing☆24Updated last year
- Spring4Shell Burp Scanner☆71Updated 3 years ago
- SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.☆161Updated last year
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆39Updated 2 years ago
- ☆54Updated 3 years ago
- Automated HTTP Request Repeating With Burp Suite☆36Updated 2 years ago
- CVE-2022-41852 Proof of Concept (unofficial)☆75Updated 2 years ago
- spring4shell | CVE-2022-22965☆21Updated 2 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆58Updated last year
- Endpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints☆83Updated 10 months ago
- PoC for CVE-2021-45897☆18Updated 3 years ago
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆27Updated last year
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆86Updated last year
- CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to des…☆101Updated 11 months ago
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆40Updated 3 years ago
- CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.☆48Updated 2 years ago
- PoC for the recent critical vuln affecting OpenSSH versions < 9.3p2☆41Updated 4 months ago
- CVE Collection of jQuery UI XSS Payloads☆118Updated 2 years ago
- CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection☆18Updated 11 months ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆20Updated 4 months ago
- Exploits targeting vBulletin.☆76Updated last year
- A Complete SSRF (Server Side Request Forgery) Scanner.☆33Updated 2 months ago
- Zimbra <9.0.0.p27 RCE☆100Updated 2 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆87Updated 2 years ago
- PoC repository for CVE-2023-29007☆33Updated last year
- CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC☆117Updated last year
- Springboot detection☆21Updated 3 years ago